Phishing messages (or phishing scam ) are among the biggest dangers on the internet. These fraud attempts arrive via email, social networks, WhatsApp, and the like, and can result in serious consequences for victims, especially financial loss.
It is to help you protect yourself against this danger so often that this text was written: in it, you will understand what phishing is, you will know how this type of message tries to deceive you and you will see tips on how to prevent yourself.
What is Phishing?
The term phishing refers to the English word fishing, which means "Pescara", in free translation. The association with this activity is not a mere chance: phishing scam is an attempted fraud on the Internet that uses "baits", that is, devices to attract a person's attention and make him perform some action.
If the individual "takes the bait", he may end up informing strangers of bank details or other confidential information, only realizing late on that he was the victim of online fraud. In the same way, you can infect your computer or smartphone with a virus or other malware.
Phishing often arrives via email, but it can also exploit other means, such as SMS, social networks, and instant messaging services, such as WhatsApp, Telegram, and Facebook Messenger.
Typically, messages of this type are created to appear to be issued by well-known institutions, such as banks, telephone operators, government agencies (such as the IRS or some DMV), and credit card administrators, although they can also impersonate individuals.
This is one of the main features of phishing scams. Another is the arguments used to convince the user to click on a questionable link or file that accompanies the message.
Main Dangers of Phishing
Arroba - illustrative image a person receives a phishing scam message and does not realize that they are facing fraudulent content, they can take an action that will result in financial loss or other inconvenience.
An e-mail of the type that passes for bank notice, for example, can guide the user to click on a link to update a record. In doing so, the person will fall on a fake website, but very similar to that of the banking institution. If you do not notice that that page is not legitimate, it will provide sensitive data, such as the current account number and account access password.
This type of fraud is so common that, today, many banks use complementary protection measures, such as requiring an extra code sent by SMS or application or allowing the user to access the account only from registered cell phones or computers.
In a more sophisticated scheme, the message may contain an attachment or link that points to malware. If the user executes it, the plague will install on his computer or mobile device and will be able to perform a series of actions, such as recording typed data, capturing user files, or monitoring his activities on the web.
Another possible consequence of phishing is to confirm that the user's email or mobile number is active. After that, the person will start receiving other messages of the type of SPAM (unsolicited e-mails) and can still be classified as a "potential target": when executing the action of the first message, he told the scammers not to know how to identify misleading content.
Variations can affect the user in other ways. A person can, for example, accept an invitation to a supposed game on a social network. In doing so, the malicious application can automatically issue invitations to other users. These, upon realizing that the invitation came from an acquaintance, will be able to accept it, continuing the scheme.
It doesn't end there. Other examples of problems: the user's computer, if infected by malware, can emit SPAMs; accounts on online services can be hacked thanks to the capture of passwords and usernames; the person may make purchases on a fraudulent website and, for this reason, not receive the product; and so on.
What if the Phishing Has My Full Name or Social Security Number?
It may happen that phishing has your full name, social security number, or other personal information. The objective here is obvious: with this data, it is easier to convince you of something.
Fortunately, this type of message is unusual. What happens is that, in some way, the fraudster had access to a database with people records. This is possible, for example, when an online store is hacked or when an employee of a company improperly resells information.
Therefore, even when the message contains personal data, do not disregard the possibility of an attempted coup there.
Tips to Protect Yourself From Phishing
It is practically impossible to prevent scams from reaching you, but a few simple precautions help you get rid of the danger:
- The first is to observe the characteristics of the message (visual, spelling errors, suspicious links, persuasive arguments, among others), as explained above;
- Remember that debt notices, court summons, or registration requests, for example, are not usually made by email or social media, but by correspondence sent to your home or workplace. Do not be carried away by the threatening or alarmist tone of the message;
- Be suspicious of very generous offers. Nobody will give you prizes for contests that you are not participating in or will offer a product with a price much lower than what is practiced by the market. If you are required to pay a fee or make a cash contribution, you can be sure that it is fraud;
- Be careful with your curiosity and be wary of sensational news, conspiracy theories or news that cannot be confirmed in renowned vehicles;
- If you have doubts about the legitimacy of a message, contact the mentioned company or institution by phone or official website to ask for clarification;
- Use total security software and update your software, especially browsers. They can block inadvertent clicks on malicious files or links;
- If you are sure that a message is phishing, delete it immediately. You can also mark it as spam when possible. This is because, depending on the service used, if a significant number of users mark a message as such, it can be automatically blocked in other people's accounts;
- Pass these guidelines on to family, friends, co-workers and other close people to prevent them from falling victim to the problem.
I Fell Into Phishing. What to Do?
- If you took any action due to the influence of phishing, you must act soon. If you have entered a fake bank website and entered your personal data, for example, you must immediately contact the bank to block your account and obtain a new password. If you have already passed your credit card details, it is important to contact the operator to cancel it and check for unrecognized entries.
- If you've clicked on malware, it's a good idea to check your computer or mobile device with an up-to-date, reliable antivirus. In addition, it may also be a good idea to change passwords entered after contamination.
- In the event of injury or any other considerable inconvenience, do not hesitate to seek guidance from law enforcement or judicial authorities.
No comments:
Post a Comment