Friday, December 6, 2019

What is phishing?


Phishing is a fraud. It is done to make bad use of sensitive information such as usernames, passwords, and credit card details by disguising oneself. Carried out by email or messaging, it request directs users to enter personal details at a fake website and on getting the information they immediately hack your accounts. Be aware.
When it comes to elementary school age kids, phishing has a different perspective. Children often do not know better than to enter their personal information into forms online whether it is to register for a website or sign up for a chance to win a prize. So it is possible that details
about your address, phone number, and other family information is being given to questionable websites. There is much software to safeguard kids on Internet
This is when someone is trying to steal your password and information by directing you to a fake login page. Take seriously always double check that links or files that it is valid website or not.

How it work:
It attacks use email or malicious websites to collect personal and financial information or infect your machine with malware and viruses.
Tips of avoiding being a victim:

  • Don’t reveal personal or financial information in an email, and do not respond to email solicitation for this information. This includes following links sent in email. 
  • Pay attention to the website URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net). 
  • Try to verify it by contacting the company directly contact the company using information provides on an account statement, not information provided in an email. You have to be learn about known phishing attacks and/or report phishing through anti-phishing working groups. 
  • Keep a clean machine. Keep all software on internet-connected devices-including PCs, smart phones  and tablets – up to date to reduce risk pf infection from malware 
  • It's also important to educate. About the tactics of phishes. Employees should be take knowledge of training on security awareness. Inform them to be wary of e-mails with attachments from people they don't know. And no credible website would ask for their password over e-mail. Read all URLs carefully.

Thing you should take care: 
All transactions of money for a project or contest should be completed through that freelancing site. Never agree to send money to an employer offsite whether it is via Paypal, Skrill or even Bitcoin. This also means that they are trying to pay via a stolen credit card and we are unable to detect them, then the transaction should be on your own risk. And if you did transactions through a freelancer platform then in that case you can use customer service complaint or payment dispute, that records of these conversations are checked by our customer service team.
Be wary if your employer is asking for more than one or two samples of your work. Although it may be important to demonstrate your ability to a potential employer, it’s easy to fall into the trap of giving away free work to scammers. Avoid sending many free samples.
If your employer refuses to start a Milestone Payment or avoids questions about their payment, then it may be best to think twice before accepting the project.


Most common types of phishing attack below as well as provide useful tips on how organizations can defend themselves
DECEPTIVE PHISHING
Deceptive phishing is the most common type of phishing scam. In this type of ploy, fraudsters impersonate a legitimate company in an attempt to steal people’s personal data or login credentials.
SMISHING
Vishing is not the only type of phishing that digital fraudsters can perpetrate on a phone. They can also conduct what’s known as smishing.
PHARMING
This method of phishing leverages cache poisoning against the domain name system (DNS), a naming system that the Internet uses to convert alphabetical website names, such as “www.microsoft.com,” to numerical IP addresses so that it can locate and thereby direct visitors to computer services and devices.

Search Engine Phishing
It refers to the creation of a fake webpage for targeting specific keywords and waiting for the searcher to land on the fake webpage.

By using the guide above, organizations will be able to more quickly spot some of the most common types of phishing attacks. Even so, that doesn’t mean they will be able to spot each and every phish.
Organizations conducting security awareness training, so that their employees and executives cannot be trapped stay on top of phishing evolution.

Thanks

No comments:

Post a Comment