Color LogoLoading...

🌍 Feed

✍🏿 Compose

SPOTTING A PHISHING LINK JUST GOT EASIER

chioma victoria

Interpreting the jargon of Cybersecurity into relatable scenarios.  Feb 1, 2023
SPOTTING A PHISHING LINK JUST GOT EASIER

“So there was a phishing attack on my device two weeks ago.

The normal notification of you updating your OS popped up, since I was busy with my device, I just clicked on install and I lost control of my device… my wallets can’t be accessed.” -anonymous


Clicking on phishing links is one sure way to lose your crypto funds or even any valuable information you are holding on to, won’t you agree with me?

Let’s dwell a little bit more on phishing attacks…


It's thought that the first phishing attacks happened as far back as in the mid-1990s, when a group of hackers posed as employees of AOL and used instant messaging and email to steal users' passwords and hijack their accounts. In the early 2000s, attackers turned their attention to financial systems, first launching attacks on the digital currency site E-Gold in 2001. By 2003, phishers started registering domain names that were slight variations on legitimate commerce sites, such eBay and PayPal, and sending mass mailings asking customers to visit the sites, enter their passwords and update their credit card information.


It has always been the same tactics, but people keep falling for the same old tricks, this is because phishing filters are steadily becoming more sophisticated; they can now vet URLs and attachments in emails against known malware sources.

Even though in 2021, 40% of phishing attacks were breached, as seen in the 2021 Data Breach Investigations Report.

Still, the history of phishing has proven and remains a fruitful method for attackers, and there is no foolproof solution to it. User education remains the defense!


The question then becomes, how can one spot a phishing attack?

Look out for these red flags signs when a link or attachment is sent to you;


1.Threats or a Sense of Urgency

This is basically the predominant effect of every phishing attack. This tactic comes with a sense of urgency to encourage, or even demand, immediate action in a bid to fluster the receiver. The scammer hopes that by reading the email in haste, the content might not be examined thoroughly so other inconsistencies associated with a phishing campaign may pass undetected.


2.Unusual Request

Leading on from the point above, if the email is asking for something to be done that is not the norm, then that too is an indicator that the message is potentially malicious. For example, if an email claims to be from the IT team asking for a program to be installed, or a link to patch the PC followed, yet this type of activity is typically handled centrally or by the manufacturers, that’s a big clue that you have received a phishing email or notification and you should not follow the instructions.


3.Request for Credentials, Payment Information or Other Personal Details

One of the most sophisticated types of phishing emails is when an attacker has created a fake landing page that recipients are directed to by a link in an official looking email. The fake landing page will have a login box or request that a payment is made to resolve an outstanding issue. If the email was unexpected, recipients should visit the website from which the email has supposedly come by typing in the URL – rather than clicking on a link – to avoid entering their login credentials of the fake site or making a payment to the attacker.


4.Grammar and Spelling Errors

Another common sign of a phishing email is bad spelling and the incorrect use of grammar. Most businesses have the spell check feature on their email client turned on for outbound emails. It is also possible to apply autocorrect or highlight features on most web browsers. Therefore, you would expect emails or notification originating from a professional source to be free of grammar and spelling errors.


5. Suspicious Attachments

If an email or notification with an attached file is received from an unfamiliar source, or if the recipient did not request or expect to receive a file from the sender of the email, the attachment should be opened with caution. If the attached file has an extension commonly associated with malware downloads (.zip, .exe, .scr, etc.) – or has an unfamiliar extension – recipients should flag the file to be virus-scanned before opening.


These are the basic characteristics that has reoccured over time, so in all you do never be in hurry to take actions. 

Be Cybersafe Be Vigilante!

Top comments(3)

SEND
Home
Business Hub
Market Hub
You
By signing up you agree to ourTerms|About us|Market Hub|Business Hub|Deals Hub