How to Protect Yourself From Phishing Attack?

Phishing:

Phishing is an attempt to steal sensitive personal and financial information of an internet user by sending him/her a fraud email which looks like a legitimate one. It’s a speculative activity since the Cyber Criminal behind the attempt will be sending thousands of emails by using bulk mailing facility, hoping that a few will be indeed foolish enough, to part with sensitive information.

Phishing? Not Me! I am a Smart Geek!

Hundreds of people across India, fall prey to Phishing attacks, everyday. Even IT employees who are supposed to be aware of Phishing techniques are trapped. So do not think that you are very smart and nothing would happen to you! The next one to stare at empty bank account, could be you with a fire spitting wife and wailing kids, at your back!

Steps to Protect Yourself:

1. Never click link in any mail which prompt you to login, UNLESS you yourself had actually requested for a password change or some change in your account. If you are worried after receiving any mail which says your account has been compromised or you need to update account details etc, DO NOT click link in the mail, even if you think its legitimate. Your thoughts could be smudged by tiredness or a drink too many!

2. Type the actual website URL, login and check whether there is any message in your account. Usually there will be no message. The mail received would have been just a Phishing attempt. There you are! That is how we display smartness!

 3. Remember that “From Mail ID” that appears in the mail received by you, can be genuine mail ID. (this does not mean that you have received genuine mail) Its possible for Cyber Criminals to send mails which show “From Mail ID” as genuine mail ID. For example, you may receive mail from customercare@icicibank.com asking to click a link in the mail and login. Sounds Tricky? Phishing Guys are also Smart!

4. Remember that the Link could also be correct and read as (for example): http://www.icicibank.com/safe-online-banking/safe-online-banking.html which is genuine ICICI Bank Web Page.

BUT when you click the link, you will be taken to a page which looks exactly like ICICI Bank webpage, but the URL of that page would have very minor difference which most people would not notice.

For Example, on Click of above link, you could be taken to: http://www.iciclbank.com/safe-online-banking/safe-online-banking.html Look hard….. the spelling of icicibank is changed to iciclbank.

That means you are not at ICICI Bank website but at a fraud website launched by criminals.

In effect, users may not be able to detect that they are on a spoofed website and not on the genuine website. So naturally, the user will login using his ICICI Bank login ID and Password. Immediately, the information is saved by the criminals in their database. They would then login at your bank account and change your mobile Number etc, add third party accounts and transfer money out!

 OOPS! Just a small error from your side and you could end up with Zero Balance. And you would not even know, since the Bank Alerts will go to the Cyber Criminal’s mobile number not yours

 5. Phishing Attack With Phone Fun thrown in! Instead of clicking link, the Phishing mail could ask you to call Customer Care IMMEDIATELY! They may even warn that if you do not call within 48 hours, your account will be closed permanently. The other end will be a call center, set up specially for you, to fraudulently verify your account by asking personal identification questions like birth date, mother’s name etc. So do NOT dust your ass and pick up the phone! Instead, check the actual Customer Care Numbers from the genuine website and delete the Phishing Mail.

6. Phishing Attack can be targeted to any of your internet accounts. Remember that a Phishing attack can target any of your internet accounts not just bank accounts, including your accounts for Email, Ebay, Paypal, any Shopping Website, Facebook etc any and all. So be careful with all your accounts. Keep them in tight custody!

7. Moral of the Story! Whenever you get an email prompting you to check / change any of your internet accounts, resist the urge to click the link in the email. Instead, type the actual URL of website and check your account. Offcourse take a few seconds to delete the Phishing Mail.

You could also be kind enough to alert others, by publishing content of the fraud email at http://www.complaints-india.com That would do you a world of good!

After all, consumers have to protect themselves by sharing information about Phishing attacks!

~ by analyzehyd on October 6, 2010.

Posted in Stories

One Response to “How to Protect Yourself From Phishing Attack?”

  1. opens jobs in chennai.. for freshers and engineers :)

    Jobschennai said this on January 5, 2011 at 6:21 PM

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.