How to avoid phishing attacks

Updated: 8/27/2022

How to avoid phishing attacks

phishing

There are many types of phishing attacks including, but not limited to, the following: email phishing, spear phishing, vishing, evil twin phishing, https phishing, pharming, and pop-up phishing. A basic definition of a phishing attack is an attack in which the perpetrator tries to mimic a reputable entity or legitimate source. It’s a type of social engineering attack. The attacker will make it look as if the malicious source is coming from the actual, legitimate source. 

One of the most common is email phishing which is described below. Someone may receive an email that looks like a typical email from Facebook and will contain links that are actually different upon closer inspection. For example, a link to a Facebook login (https://www.facebook.com/login) could have the URL (https://www.faceebook.com/login). 

When looking at the actual page (after clicking on the link), it will, again, typically look similar to the real thing. There may be logos, text and certain fonts, images, and so forth that look the same. But, usually upon closer inspection, one can tell that it isn’t the real page. Someone may believe this to be credible and provide login information. The perpetrator would then obtain the user’s credential and be able to login to their account, sell the credentials (typically with a bank account not Facebook), etc.

Ways to avoid a phishing attack:

1. Watch what you click on. Look at the link that you are going to open and the source it is coming from. Does it look out-of-the-ordinary? Are there spelling errors, unusual fonts, etc.

2. Does the link have a “https” icon or connection is secure text? 

The example below is in Google Chrome:

Connection Secured

3. Use security software. While you shouldn’t rely on security software alone and should always browse carefully, it can help determine if it is indeed malicious or possibly malicious.

4. Also, you can implement Multi-Factor Authentication (MFA) which may help if the attacker(s) do compromise your username and password. Click on this link to find out more about how to do so: https://jesuschrististheking.com/multi-factor-authentication-mfa/.

Leave a Reply