5 Important Tips to Prevent Phishing Attack Attempts

5 Important Tips to Prevent Phishing Attack Attempts

Cyber ​​attacks that are targeted through phishing attempts you need to understand so you don’t become a victim. And indeed to ward off these attacks requires foresight and caution, because on average these attacks are indeed trying to convince recipients to follow links to phishing websites and enter important information such as logins and passwords or bank account details.

Therefore, to be free from these attacks, here are some powerful tips that Kaspersky has shared to overcome these cyber attacks.

Check and examine email carefully

When you receive an email, do not rush to reply or follow the instructions. The first thing you should do is look for signs of phishing, which are generally the subject of messages that are always dramatic. Common themes usually include transferring large sums of money, financial compensation, notifications of hacked accounts, and other fraudulent transactions.

And other characteristics there are many typos and spelling, to strange characters in the text. Some cybercriminals really struggle with English, though attackers sometimes intentionally make mistakes like “million” or use letters of a different alphabet in an attempt to bypass spam filters.

Stay alert on messaging apps or on social networks

Email isn’t the only thing you need to be wary of. Messages you receive on messaging apps and on social networks have the same potential for harm.

You can find malicious links in friends’ posts on Facebook, in comments posted by fake brand ambassadors on Twitter, or in DMs on Discord.

Also, do a careful inspection of the banners, the images they display may not have anything to do with the website you’re visiting. The platform on which banners are placed usually does not control what users see or where they are directed. Even very reputable websites can serve ads pointing to phishing websites.

Pause before entering bank account info

Bank card details are very sensitive because they provide direct access to personal money. That’s why, regardless of how you reach the website, you should double-check and think carefully before entering those details.

First, pay close attention to the address. Still with the same method typos, numbers instead of letters, hyphens in unexpected places, and suspicious domain names. If you see something like that, leave the website and try entering the address manually.

Then, staying in the address bar, click the padlock icon on the left. A lock is not a guarantee of security, but from there you can learn more about who owns the website (browsers have different names for the relevant tabs, such as certification or Secure connection).

Then if you do a lot of online shopping, including purchases from small companies and private sellers, it’s a good idea to use a separate card. Keep a small amount of money in it and transfer the money to the destination as needed.

Use a different password

If you use the same password for different accounts, even if it’s a very reliable password, it’s still a risk of having all accounts compromised especially if one day you enter them on a phishing website. It is important to use unique and different passwords for each website and application.

If you find it difficult to find and remember dozens of new passwords for each platform and online store, use a password manager. The password manager also acts as an additional check to prevent phishing.

Set up two-factor authentication to protect your account

Many phishing attacks aim to hijack accounts, however if the attacker manages to get hold of the login and password, you can still stop them from logging into the account. The trick is to implement two-factor authentication if possible.

After doing so, you’ll need an additional temporary verification code to sign in. You’ll receive it by email, text, or in an authenticator app. After that the attackers will not get it.

However, keep in mind that attackers can also create fake login pages that ask for one-time two-factor authentication codes. That’s why it’s better to protect important accounts using hardware-based authentication with a USB key like YubiKey or Titan Security Key by Google.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts