What are phishing attacks, and how can they be avoided?

In phishing activities, users get caught in the nets of the criminals, with fraudulent websites acting as a hook with bait. These websites could fully imitate a social media or a bank page, aiming for your account and password. By entering your data on a fraudulent website, you hang over the keys from your private life or bank account to the scammers. However, there are certain ways to prevent phishing attacks.

  1. E-mail is a major channel for spreading links to fraudulent websites. Do not trust emails offering you to click on a link to make changes to your account, even if the message looks like one sent by your bank or another organization that you are involved with. The major corporations, let alone banks and financial companies, take pride in their reputation and security, and almost never send messages like this. If you have a slightest doubt about an email, contact your bank or company using numbers listed on their official website without opening the letter.

  2. Do not click on a link even if it looks like the link to your bank’s official website. There are many ways to disguise any link for a legitimate one, hiding the fraudulent address inside what looks like a link to an official page. To prevent fraud, do not click on the link – copy it and insert it into your browser instead.

  3. If you need to enter sensitive data or your password on a page that rises doubts about its legitimacy, make sure you are using encrypted connection. The website address should start from https://, and the browser should display some kind of a sign showing you are on an encrypted connection – for example, a pictogram of a lock which can usually be found either in the address bar of the browser or in a lower right corner of the browser window. By double-clicking this lock, you can view the website certificate. Make sure the address in the certificate is equal to the address displayed in your browser’s address bar. Never enter your passwords or sensitive data while on unencrypted connection.

  4. Use security software that enables blocking fraudulent website visits, as well as browsers with phishing filters enabled.

Back to the list