Phishing: Don't Get Caught in the Net
Phishing is the term used to describe an Internet scam that uses social engineering to lure information from people. Victims of phishing schemes may unknowingly hand over personal information like log-in credentials and financial information. They may later find themselves the victims of identity theft, fraud and sometimes even blackmail.
A user’s Internet security is dependent on their diligence in avoiding phishing schemes. For users who are familiar with what they are and how they work, phishing schemes are easy to avoid.
The Email Scam
Most email providers offer spam filtering but occasionally, spam will make its way through to the user’s inbox. Some of these emails may be phishing schemes.
In some instances, users may receive an email supposedly from their credit card company or bank. It will contain an urgent message with a compelling reason why they should log into their account immediately. It will include a link to the site. If the user clicks on that link, they will be directed to a website that mimics that of the actual credit card company or bank. When they enter their log-in credentials, they may receive a message indicating they entered it wrong. At that point, they will be redirected to the actual correct site where they can successfully log in. They will have handed their log-in credentials over to a hacker without even realizing it.
Users are advised to ignore suspicious emails. Sometimes these emails can be very sophisticated and well written. Users may feel compelled to check their accounts for accuracy. In this case, they should type the URL of the business’s website directly into their browser window. Links, whenever from an unknown or questionable source, should never been clicked on.
The Too Good to be True Scam
Another way that hackers will use phishing to lure their victims is through making them offers that they will find too appealing to ignore. Whether it is a product being offered at an unbelievably low price, or a compelling job offer, victims often cannot let the opportunity pass them by. Once they have expressed interest, they may be invited to create an account to get more information.
While this may seem harmless, it has the potential to be disastrous. As part of the account set-up, users will be asked to enter their name and email address and select a user name and password. Hackers know that people have a tendency to use the same user name and password at multiple sites. With this information, hackers may be able to access the user’s email account and various popular online accounts. This will provide them with enough information to assume the victim’s identity or make unlawful purchases through their accounts.
To avoid this, users should be wary of any site that requires them to create an account to access more information. In the event they feel it has the potential of being legitimate, they should create the account with a user name and password unlike anything they have ever used before. It is not a bad idea to have a separate email account for cases such as this as well.
The Social Media Scam
Users of social networking sites may occasionally notice people in their network posting links to salacious videos or to advertise something amazing. Because they see the post came from a friend, they might be intrigued and tempted to follow the links. In nearly every case, this is a malware phishing scheme and clicking on the link will make the user a victim. Victims will then continue the cycle by inadvertently posting the same thing for everyone in their social network to see. Once infected with this malware, users may have their social networking accounts compromised. Hackers can use their account information to perpetrate identity theft and fraud.
To avoid this, users should ignore these kinds of posts and links. In the event that it seems legitimate, users are advised to contact the friend who posted it and verify that it is not a scam.
A useful tool to avoid scams and keep your information secure and private is to use a Virtual Private Network (VPN) when browsing the internet.
Yes, every where there is scam and it is left upto the user to choose a legit site and keep away from scams.I too have received scam emails claiming that I have own lottery, got a job etc. Most often I check the reviews from the email domain that I received.I use Webutations.org which has criteria like Webutation reviews and Web of trust that calculates the trustfulness from various reviews found.Then I do a whois search using WhoisXY.com and get to know about the website owner details.If I find it to be a scam I try to report it to the respective domain registrar.