Phishing Protection
Surely you are familiar with the term phishing. Today we will guide our customers and followers in identifying and preventing these attacks, because with the increasing number of cyber-attacks, this issue deserves your attention.
Definition of Phishing
Phishing is a computing term whose literal translation from English would be “fishing”, which is quite in line with what a phishing attack is intended to do: fish for information from other people for fraudulent purposes.
Phishing refers to a cyber-attack consisting of an attempt to fraudulently acquire a person’s (individual or company) confidential information (passwords, credit card information, banking information, personal data, etc.).
In reality, it is a technique that consists of confusing the user by sending information that imitates a legitimate entity and, in this way, stealing personal or confidential data. The attackers usually deceive the victim by pretending to be a trustworthy person or entity and offering some benefit, or an action that solves an important and urgent problem.
What form does Phishing take?
Phishing comes to us in the form of an email, SMS, phone call, etc. That is to say, the cybercriminal contacts us by these means, with information of this type:
- Notice of imminent deactivation of service, account, etc.
- They report serious problems such as: blocking of your bank account, unexpected logins to Social Networks, Microsoft, Google, termination of access to your customer area, etc.
- Collection of Prizes, Gifts, Inheritance information, etc.
- Job offers.
- Etc.
A common feature in most Phishing attempts is the demand and need for immediate action by the recipient of these communications, since by creating the idea of urgency they try to limit our ability to verify their authenticity and legitimacy and act with true awareness of our actions. Flattery and threats are also characteristic of Phishing.
Phishing Target
Although the main motive is money, phishing does not always involve financial crime:
- Theft of personal data to impersonate people, send emails to their contacts and build a database that can be sold for other purposes.
- Stealing bank details or credit card PINs, for money theft.
- Stealing user accounts (Instagram, Microsoft, Dropbox, Google...) for extortion, accessing contact lists and customer databases to increase the rate of fraudulent activity.
- Scams, deception, for the purpose of fraud for profit.
- Attacks on our website to impersonate our entity and send phishing emails from our domain to our database of clients, subscribers, students, etc.
- Attacks on our website that change its appearance (real case), for example to impersonate a bank and thus send phishing emails to customers of that entity.
Protecting yourself against Phishing
Among the most common and easy to implement methods for the prevention of Phishing we have, for example:
- Two-factor authentication on all information systems accessed or hosted.
- Be suspicious of free stuff. When something is free, the price is you.
- Install an antivirus with Antiphishing and Antispam for email and web page.
- Configure the Antiphishing option included in some browsers.
- Make a backup copy of your information system and web page. If it is daily, all the better.
- Always keep the web, operating systems, antivirus, and software in general updated to the latest versions.
- Raise awareness among employees to prevent them from taking the bait, informing them of the forms phishing takes and how to recognize it in order to avoid it.
- If you have doubts about a message's legitimacy, contact the sender through their usual channel to verify its authenticity.
- Do not fill in personal or confidential data from links received, without checking their legitimacy.
- Before inserting your login credentials to your website, verify that the URL is correct.
- Before filling in data in web forms, read and understand the site's Privacy Policy and review the possible transfers of your data to third parties that could be cybercriminals.
- When in doubt, assume the worst and you will be right. Verify the origin of suspicious emails received and their legality before responding or opening their content.
- At the slightest suspicion, delete the message or hang up the call.
So, get going and don’t take the bait.
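The advice above to verify that the URL is correct before entering login credentials can be made mechanical. The following is an added example, not part of the original article: it compares a link's real host against an exact list of sign-in hosts, and the host names and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the exact hosts where you normally sign in (constructed values).
TRUSTED_HOSTS = frozenset({"login.example.com", "www.example.com"})


def check_login_url(url, trusted_hosts=TRUSTED_HOSTS):
    """Return (ok, reason) for a link before any credentials are typed into it."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not HTTPS"
    if parts.username is not None or parts.password is not None:
        # Text before '@' is not the destination; the real host follows it.
        return False, "text before '@' hides the real host"
    if not host:
        return False, "no host"
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalised host, possible lookalike characters"
    if host in trusted_hosts:
        return True, "host matches trusted list"
    if any(t in host for t in trusted_hosts):
        # The familiar name is present, but the registered domain is another one.
        return False, "trusted name embedded in a different domain"
    return False, "host not in trusted list"


# Constructed sample links, as they might appear in a received message.
SAMPLES = [
    "https://login.example.com/account",
    "https://login.example.com.evil.test/account",
    "https://login.example.com@evil.test/",
    "http://login.example.com/",
    "https://xn--exmple-cua.com/",
]


def review(urls):
    """Check every link and return {url: (ok, reason)}."""
    return {u: check_login_url(u) for u in urls}


if __name__ == "__main__":
    for url, (ok, reason) in review(SAMPLES).items():
        print("OK  " if ok else "STOP", url, "->", reason)
```

Only the first sample passes; the others contain the familiar name somewhere in the link, which is why the comparison is made on the parsed host and not on the visible text.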
Help against cybercrime
Business Adapter® Data Protection and Cybersecurity consultants, in the spirit of contributing to the good business health of their clients and followers, publish this and other articles in order to:
- Raise awareness of good information security habits and the protection of personal data, to avoid sanctions from the AEPD.
- Protect your information, which is one of the most important assets for the continuity of your business.
- Contribute to minimizing the number and severity of cyber-attacks.
- Save you the economic costs and reputational risks caused by cyber-attacks.
Please contact us, we will be pleased to help you: https://businessadapter.es/contacto