E-mail today is an indispensable tool for quick and easy communication. It’s used for personal and commercial purpose – for work, connecting with friends and relatives, for seeking subscriptions, newsletters or marketing strategies. Most companies use e-mail to sell or provide information on products or services. However, some clever fraudsters have discovered a way of cheating people to their benefit through e-mail through `phishing’. So let’s see what this phishing is all about and how to prevent being its victim.

What is online phishing?

Fraudsters send you an e-mail that looks to be from a company that you trust. It may look exactly like the one you get on a regular basis from that company. However, it will be a fraud e-mail whose sole intent is to get you to divulge information that can be used to defraud you financially. This is what is known as `phishing’. There are other methods of phishing too, relying on SMS, voice and search engines.

How does phishing happen?

A phishing e-mail could direct you to a website where you’ll be asked to give personal information such as your credit or debit card details, CVV number, login ID, password, PAN number, bank account numbers, transaction password, mobile number, address, date of birth, passport number, and so on. This bogus website would be used to capture all information to be used for an illegal transaction.

Phishing poses a threat to anyone using Internet banking, and any other online payment mechanism for transactions. Conmen use advanced techniques to scam you, so you must be alert all the time.

How to identify phishing attempts?

  • Unsolicited emails, calls from strangers or websites asking for confidential banking details
  • Messages asking for urgent action due to security reasons, or your account has been compromised. If you receive such an e-mail, it’s best to call your bank and verify
  • E-mails asking you to click on links that takes you to websites and part with information. These fraudulent websites do not have https:// where “s” stands for ‘secure site’
  • Such fake e-mails will always encourage you to click on to a link to verify or update your confidential account information. The language in the e-mail like `Verify your account’ can be a giveaway that it’s a fraud
  • The links embedded in such fake e-mails may look authentic but when you move the cursor/pointer over the link, you may find an underlying link/URL to a fake website
  • No legit business worth the name will ask you for login or other sensitive information by email
  • Be careful of e-mails that do not address you by name. You must have noticed that any mail from your bank will address you by your name. Most of these phishing e-mails are sent wholesale and may not have your name

How to avoid online phishing?

Go through the list below to find out how you can prevent online phishing.

Open with caution: Check your e-mail with caution. If you receive an e-mail from an unrecognised sender, it’s best to avoid it. If the e-mail asks for personal and financial information, look at it carefully. E-mails with immediate responses or emotional content should be checked with utmost caution. Most of the time they are phishing e-mails.

Avoid clicking on suspicious links: Most of these emails provide you with a link which redirects you to a fake website, which asks you to enter your data. Do not click on such links. Download attached files if you are not sure of the sender. Even though it may mimic the same e-mail address and the layout resembles that of your bank, It could be fake. Anyhow, avoid clicking on unknown web links.

Use the website or the phone banking app: To carry out any banking transaction via an online platform, always visit the website directly and log into your account via the bank’s secure website. Avoid using any link or e-mail that redirects you to a webpage. You are unaware of the authenticity of that webpage; It can lead you to a scam.

Install anti-virus software: Install updated and advanced anti-virus software and spyware for your computer. A firewall will prevent any malicious content from damaging your files. It prevents spam messages and malware from entering your primary inbox.

Look for the fine print: When you receive an e-mail from your bank, which is an official source, it always comes with a fine print that lists the terms and conditions. Phishing e-mails will not have details mentioned. To prevent any phishing threat, always read the fine print.

Types of Phishing Attacks

  • Deceptive phishing: This is the most common type, where conmen mimic a company’s credentials to steal your personal information.
  • Spear phishing: In this kind of attack, the fraudsters already possess some information about you. For example, the e-mails may address you by name, and know where you live. This information isused to extract more financially useful information from you.
  • Vishing: This type of phishing takes place using Internet telephone (VoIP). They may use scare tactics like saying that your account has been compromised and use it to get log-in, passwords and other information.
  • Smishing: Here, SMS alerts are used to direct you to a fake web site which extracts information from you.
  • Search engine phishing: Here, conmen create fake web site targeting specific keywords. When you use these keywords, you may land on these sites, which look like the real website.

Now that you are aware about phishing, make sure you take the precautions mentioned above to avoid being conned. To know more, click here!