What is phishing, how to identify it and protect your computer
Phishing is a method of on-line fraud. It is being used by cyber criminals to get confidential data from the user. Cyber criminals are using instant messages, txt messages and fraudulent websites to trick you to give them your information.
The main idea of a phishing it to get logins to the on-line banking, electronic money, credit cards, personal information or to force you to pay directly. The victim of phishing is being motivated to click on a link or to open a malicious file (which also may lead to the ransomware virus infection).
The phishing link may come from someone you know (friend, relative, co-worker, supplier or a client) and whose computer already may be infected.
There are several possible scenarios when you click on a phishing link or open infected file from email:
- malicious code will start using one of the computer/operating system/ application vulnerability;
- victim will download a malicious file;
- victim will enter their confidential information;
The most common examples of the phishing messages are:
- Your email will be blocked soon. You made an incorrect operation and you need to correct it urgently by clicking on a link. Otherwise your email will be locked.
- You are in a black list. Please click here to remove yourself from the black list.
- You have reached the limit of your mailbox. Click on a link to increase it.
- Your password has been compromised. Click on a link to change it.
How not to get onto the phishing hook
There are several ways to identify this type of fraud. All users need to be very careful and pay extra attention. The recommendation which will help you to stay safe:
- Read the emails looking for spelling and grammatical errors that may indicate a lack of familiarity with written English.
- Look for inconsistencies eg. Victorian phone number with Sydney address.
- Check that the domain name of the user is correct and does not contains any errors.
- If you have any doubt about the website, you can check on virustotal.com online service.
- Check digital certificate of the website.
- If you have any concerns about the email, it is better to delete that email address and contact organisation who that email is pretending to come from.
One more way to stay protected is to use phishing websites list. Some antivirus software can do that automatically and in real time. Also, Google Chrome, Microsoft Edge, Mozilla Firefox, Apple Safari and Opera internet browsers have a built-in tool to check such websites.
Unfortunately, cyber criminals continue improving their phishing methods and even the most careful user can become a victim of it.
Submitted by: Yuri Shcherbakov – IT Engineer
NovaTech IT Pty Ltd
Phone: 07 3266 7701
Disclaimer: The contents herein are intended for general information only and should not be construed as legal or accounting advice. Vicca Chartered Accountants Brisbane bears no responsibility for any loss that might occur from reliance on information contained in this publication. Please do not reproduce, transmit or distribute the contents herein in any form without prior permission from Vicca Chartered Accountants, Taxation Accountants Brisbane Australia.