Phishing mails, calls, websites are planned to steal money or personal information. Users without awareness or sometimes due to urgency, click on spam links and provide their confidential information like credit card no, bank detail etc… and become a victim of phishing attack. However, there are some signs of phishing attack that can help you to identify such Phishing emails or websites.
Signs of Phishing Scam:
Spelling and Bad Grammar:
You cannot expect a good writing skill from phishers or attacker. If users find any email with bad grammar or spelling mistakes, then it might be a phishing alarm until and unless users have an ideal about the email source. That is why users should avoid such mail. However, corporate or professional companies do not send email with bad grammar and spelling mistakes.
some emails contain links to spam web pages, once user click on such links the software download process will start automatically in background without awareness of users. If a user finds any suspicious link, then he should avoid it as it may contain malicious software to steal user personal data residing on server or PC.
- Your security is compromised or
- You must respond received email to avoid closure of your account etc.
Such threat mails are false, and planned to take advantage of user’s innocence; such mails are called phishing mails that are designed to steal user secret data.
Cyber criminals use spoofing techniques to imitate legitimate website by applying graphics and design, but they brings you to fraud websites to steal money or details. Cyber criminals also use web addresses, which looks like an actual name of website address but it slightly changed like:
Phishing website: www.banknamecityname.com
Real website: www.bankname.com
Here is an interesting phishing email example by Wikipedia where they explained how someone sent mass emails to users on behalf of WikiPedia. Find whole story here at Wikipedia.
I hope it is now clear to you that phishing is a serious crime prepared to steal money of innocent users. It is in our interest not to respond any email, message, or website without reviewing their ownership. The best way to identify the authenticity of website is to check their SSL certificate.
Prevention is our first security shield.
Image credit: http://www.flickr.com/photos/28288673@N07/