In general term Phishing refers to the social engineering method in which a phisher creates and hosts replica of the original websites and steals the related User information. In banking and financial sectors Phishing is the massive threat and many big Banking and financial giants spend millions to kill phishing websites. If you’re using internet banking, online shopping, share trading or anything related to finance then you might be a victim of Phishing and It is always better to know something to avoid something. Here, In this post I’ve mentioned how you can detect and avoid phishing to be safe and wealthy.
Detect and avoid Phishing Websites.
Look for domain
Make sure that you’re visiting the legitimate website. Say, If you want to visit State Bank of India net banking then the domain should be onlinesbi.com. So, make sure that you’ve typed the correct domain address on your browser’s address bar.
Google it… !
Probably it is safest way to avoid Phishing. If you don’t know or you’re unsure about the genuine URL just Google it. For example, If you don’t know what is the net banking URL of HDFC Bank, Google it “HDFC Bank Net banking”.
Popular brewers such as Firefox, Chrome, Internet Explorer, Safari and Opera provides more security over the internet in comparison to other browsers. Also, do not use Beta or alpha versions of the browsers for online money transaction because beta versions stands for testing version of the product and the product might contain the security holes.
Look for SSL Certificates
SSL (Secure Socket Layer) is the predecessor of TLS (Transport Layer Security). These are cryptographic protocols that provides communication security over the Internet. Nationalized Banks, Online Shopping Firms, Financial Firms use SSL on their websites for secure communication. Always look for SSL Certificates before logging in to the related websites. Note that every secured website would have the address starting with https://
In above image you can find the certificate of authority along with the URL starting from https://. Always notice the browser address bar for SSL certificates.
Beware of Standalone Phishing Attacks
Standalone Attacks are common form of Phishing in which a phisher sends you an email along with the attachment containing a Web Form. When you download the form it will look like the legitimate webpage without having any domain address or SSL Certificates. To prevent form Standalone Phishing Attacks do not download any suspicious email asking for your personal details. Remember that your bank will never send you any email that requires your personal information’s such as your bank account password, ATM Pin numbers etc.
Behavior of Fake Emails
- Misspelled words and Poor grammer.
- Will ask your password and other credentials.
- May prompt you to update your personal details of the related website
Image Courtesy: State Bank of India, University of Texas and Antonio.None found.