The extension of Internet use entails a multitude of benefits; nevertheless, as we always notice, the network also entails dangers that we must take into account. One of the main problems that cybersecurity experts have had to face in recent years has been the proliferation of increasingly sophisticated and malicious forms of malware (or computer viruses).
There are many forms of threat: phishing, spyware, network worms, Trojans, riskware…
In this article we explain what it is, how it is presented and how you can avoid phishing, an attack that has gained popularity and whose consequences can be really negative.
Phishing or identity theft
Phishing is a cybercrime that tries to get hold of our relative confidential information, above all, to bank account numbers, cards and passwords; all with the intention of using them to commit some type of fraud.
Email: the great ally of phishing
The most common form of threat is through an email in which the cybercriminal is posing as a person, entity or company of trust (this type of cybercrime is also known as identity theft attacks) and in which we ask us to confirm certain confidential information, inform us that our account will be blocked if we do not perform the required action, request that we initiate a session through a link or that we download an attachment. In this way, the user, believing that it is a trusted site, enters the requested information that, in reality, goes to the scammer.
There are other forms of phishing presentation, although much less widespread. This is the case of SMS that contain a fraudulent link that encourages being opened, which is known as smishing, or even through a telephone call in which the cybercriminal is posing as a bank and requests a series of personal data. This last modality is known as vishing.
In addition, there is a form of “enhanced” phishing known as spear phishing in which the attack is aimed at specific people (unlike traditional phishing, which is usually a massive attack on a base of addresses) that usually have full access to large amounts of data. confidential information, as is the case of the security officers of many companies.
This type of attack, unlike the “normal”, tends to be more careful both in the content and in the writing and presentation of the email.
Why do we fall for phishing attempts?
One of the reasons why in many cases we fall into the hands of cybercriminals is that these attacks are increasingly sophisticated; some come to copy perfectly the style and image of the company they impersonate.
But we have to keep in mind that another of the main causes that we do not know how to detect them in time is the lack of knowledge on the part of the user: not knowing the possible risks means falling more easily into the trap of the click, so education in cybersecurity it is of vital importance.
How can we avoid phishing?
The basic thing to protect against these types of threats is to have a good updated antivirus. This will prevent in most cases that spam arrives in our main inbox.
Below, find series of tips that will be useful to avoid phishing:
- Always verify who the sender is before opening any email that seems suspicious.
- Do not answer any questionnaire that requests confidential information through email.
- Do not enter the website of your bank through an email.
- Do not open any link that seems strange to you. One way to check the security of the link is to write it manually in your header search engine.
- Check periodically the movements of your accounts.
- Learn to identify malicious emails: spelling mistakes and strange wording can be indications of phishing. In addition, this type of criminals usually use gifts or promotions as a hook.
- Finally, remember that banks and other secure entities never ask for confidential information through email, so a good way to avoid problems is to contact directly the entity that sends you the message to verify if it is a reliable communication.
Hope this article has been useful and looking forward to your comments and recommendations!