With increasing use of cloud-based services, security has become an important thing and people should seriously consider this. In recent years, we saw various celebrity hacks, bank data breaches and more. And most of these hacks were one thing common. It was phishing attack to steal information. From just a fake login page to complicated and almost unidentifiable phishing URLs, this attack has evolved itself with the time. Recently discovered phishing attack was actually showing the genuine URL in the address bar while it was just a fake page hosted on some random domain but used a browser vulnerability to trick and show genuine URL.
Phishing is the most powerful and popular attack for hacking into emails and web accounts. Cyber criminals use this attack to hack into bank accounts, Facebook accounts and email account of innocent people. Every year, most of the biggest cyber crime cases involve this attack. A few months back, this attack was used to hack the password of a Microsoft employee and then the attacker hacked into Microsoft’s server by using the login credentials.
Also read: Best Keyloggers
As a user, you must know about Phishing and you should know how to keep yourself safe. In this article, I will try to explain things in simple words.
What is Phishing
In simple words, Phishing is showing the fake login page to users that look almost similar to the original login page. Users trust on it and use it to login into their account but the page sends their login data to the attacker. Most basic phishing attacks involve just the copy of login pages. But advanced phishing attacks can trick users in many ways.
Typically, attackers user email spoofing to send fake emails that look genuine and encourage users to use the link in the email to login into the account. Here, the message in email plays an important role in tricking the users.
Phishing is one of the oldest hacking methods but this attack has evolved itself and managed to be advanced with the time.
How To Prevent Phishing Attacks And Protect Your Account
To protect your account from the phishing attack, we must follow some tips that will help to detect the fake page which is trying to hack our account.
- Never give your password to any login page other than original login page. If any page is claiming for an offer and asks for your login credentials, never give. No service or website is allowed to ask for your password. Make a habit of opening links directly to login.
- If you get a link in an email and clicking on it redirects to a login page, always check for the URL. The Facebook login page will have URL start with www.facebook.com domain. Never confuse with fake domains like www.faceb00k.com or www.facebook.co.cc. These domains can trick you and steal your password.
- As I already said, recent attacks have become so advanced that URL in the browser also looks original. So, open a new tab and type the URL manually if you have any doubt.
- If you are paying your bills online, always pay if you trust the online payment gateway or you trust the vendor. If you are not sure about the vendor, ignore the offer and leave the website. Most of the hackers use discount offers to trick users and steal credit card details.
- Use latest antivirus and internet security software. It will protect you from phishing pages. Most of the internet security tools have the ability to detect and block the phishing URLs.