Phishing is making you believe that you are on a secure page, when in fact you are on the attacker’s page. Phishing is usually presented in the form of an email, in which the user is asked to follow a link that redirects them to the false page. On this page, the user is asked to enter sensitive information that the attacker wants to steal, such as a username and password.
Although the most common means of phishing attackers is to send emails, they also use instant messaging applications and direct messaging on social networks.
Large webmail services like Gmail and Outlook already have filters that stop most phishing and spam emails. Thus preventing most threats from reaching your inbox. If you look in the Spam folder you will see some of them. But they are not perfect and there is always some malicious email that sneaks in.
This is not the case with direct messages in mobile applications or social networks, where there are still no defense mechanisms other than the expulsion or blocking of the user who sends the messages.
So you must be very careful so that you do not fall into their trap, and to help you we will teach you how to identify suspicious messages.
The most important thing when identifying phishing messages or emails is common sense. If you receive a message you don’t expect. A site for furnace installation in California is reliable if it looks like this http://www.actionac.net. In which they are asking you to do something, like download a file and open it, or go to a page to confirm some data … be suspicious.
To help your common sense, we are going to give you some common characteristics of phishing emails:
- The content seems real: the emails or phishing messages try to imitate the messages that the company you are posing as would send. They would copy, for example, corporate colors, logos, copyright information, etc.
- They request confidential information: you must know that no company is going to request information from you through a message (if you have not ordered any management).
- They present urgency: normally they ask you to act diligently or otherwise, you will lose your account or your money or whatever they invent …
- Is the message addressed to you specifically? That it is not addressed to your name or your user may be indicative of being a phishing message. These messages are often sent indiscriminately to thousands of people, and since attackers do not usually know the recipient’s name, they often use generic greetings as a dear customer.
- Phishing messages often contain easily detectable errors. Look at the grammar, spelling and official brand names. Chances are it’s a phishing email if there are misspelled words or meaningless expressions.
- Note that the domain (which comes after the @) of the sender of the email is true and well written. Sometimes phishing authors tinker with letters to make the fake domain look like the real thing. For example and email email@example.com, it may sound like it was sent by Paypal, but it is not. The authentic Paypal email must be firstname.lastname@example.org
- In principle, be suspicious of unexpected emails containing attachments. The most common files that a company can send you are PDF files, they are the safest but they are not without risks. If the attachments are .doc .html or .exe be even more careful.
- Verify that the link where the email sends you is a valid and safe address. To do this, before clicking on a link (note, images can also be links), hover your mouse pointer (without clicking). If we do this, the address (URL) to which that link points will appear. ANCHOR. If that address does not correspond to that of the company that sent you the email, it means that it is a phishing email. For example, a fraudulent Paypal and phishing attacker address is the address: www.secure-paypal.com.
If you have identified any of the characteristics that we have mentioned above and you conclude that it is phishing, the first thing you should do is not click on any link or download any attached file. Do not reply to these emails in any case. The next thing to do is either delete it directly or report it.
As we already know the whole theory we are going to practice with some real cases of phishing (source OSI – Internet Security Office ).
ING Direct phishing mail
This is the email that thousands of people received … do you see anything suspicious? How many signs of phishing are you able to detect? one? two? 3?…
Surely you have identified this email as phishing, below you can see the reasons:
- Impersonal and ambiguous, because they do not refer to the customer by name.
- Misspellings … (session without an accent, a line without an accent …)
- The name of the company does not have the format that it should … if you search the internet you will see that all the official pages refer to the name ING DIRECT, all in capital letters.
- Unusual expressions … it is Spanish from Spain the expression “to prevent your access from being handled by outsiders” is not a natural phrase.
- They ask us to do something urgently. Run log in and log out
- There is a link and they ask us to click on it
- Errors … there is nowhere to catch the phrase “Greetings to you bankinter”
- Copyright icon error
As you can see, many failures make us raise the alarms that we are facing a case of phishing. If you had been clueless and followed the instructions (click the link), you would have reached the next page.
As you see the page itself could deceive you since the colors and the way of authenticating you are similar. One very important thing that you should keep in mind is that your bank will never ask you for all the codes to access your account. For example, on the page below, which is the official ING, you can read that it will only ask for 3 of the 6 access digits.
You may also like to read- https://spinity.co.uk/