No doubt you have wondered and asked yourself on more than one occasion, what is phishing and how can it affect you.
All of us know that it is some type of scam, although perhaps there are many who don’t know exactly what it is or the techniques used by hackers and cyber-criminals.
So, exactly what is phishing? Basically, also known as email phishing, it involves sending emails, which appear to come from trusted sources, such as banks etc, though really they are aimed at stealing confidential information from users.
These emails usually include a link which when clicked, takes you to a spoof Web page. These pages appear genuine though they are really like a mirror that hides the criminals whose sole aim is to steal your personal data.
The problem is that users think they are in a trusted site and therefore enter the requested data. However, this confidential data will fall straight into the hands of the scammers and can then be used for some type of fraud.
That’s why it is always best to access web pages by typing the address directly in the browser.
How to recognize a phishing message
It’s not always easy to recognize phishing messages, particularly if you are a client of the company from which the message has supposedly been sent.
- Even though the ‘From:’ field of the message shows the address of the company, it is not difficult for a criminal to alter the source address of the email in any mail client.
- The email may have the logos and trademarks of the organization, yet these can easily be lifted from the company’s website.
- The link in the email seems to point to the company’s website, though really it takes you to a fake page which will ask you for your user name, password, etc.
- Very often these messages contain spelling or grammatical errors that you would not normally expect in official communications from the genuine company.
It’s also important to bear in mind that although phishing has traditionally used email, now, with the increasing popularity of smartphones and social networks, there are new channels of attack.
Another thing to be aware of is that although we normally talk about phishing in the context of banks, cyber-criminals often use any popular website or platform (Ebay, Facebook, Paypal, etc) as bait for stealing personal data.
But remember, no company will ever ask you to send them your personal details via email. If they do, be very suspicious!
Moreover, as a stich in time saves nine, you can always add an extra layer of protection by installing one of our new 2015 antivirus solutions. To do this, all you have to do is visit our free antivirus page and select the one that best adapts to your ideal level of protection.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
10 comments