Phishing is a cyber attack in which an attacker poses as a trustworthy entity in a fraudulent attempt to obtain sensitive personal information such as usernames, passwords and credit card details.
The goal is to trick you, the email recipient, into believing that the message is something you want, need, or are expecting — like a request from your bank, for instance, or a note from someone in your school — and then prompt you to click on a web link or to download an attachment.
Phishing is a go-to mode of attack for hackers because it is cheap to execute, and it is the most common way people fall victim to scams.
There are a number of steps you can take and mindsets you should get into that will keep you from becoming a phishing statistic. Here are a few:
- Always check the spelling of the URLs in email links before you click or enter sensitive information.
- Watch out for URL redirects, where you’re subtly sent to a different website with identical design.
- If you receive an email from a source you know but it seems suspicious, pay attention to the characters in the email address and compare them with previous emails you have received from the same individual/entity. If possible, put a call through or contact the person via a different medium to confirm whether they sent the email, especially if you have been asked to do something sensitive, like send money or send personal information.
- When you see surveys on Twitter and Instagram that subtly ask you to post personal information like your birthday, 4-digit numbers, vacation plans, address or phone number (e.g., The Face vs The Bank Account), don’t fall for it. While the posts might be harmless, there are hackers and malicious guys everywhere who can take advantage of that information.
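
The address comparison described in the list above can be automated. The following is an added example, not part of the original article: it compares a sender address against addresses seen in earlier emails and flags near-matches. The sample addresses, the `CONFUSABLES` map and the distance threshold of 2 are assumptions chosen for illustration.

```python
import unicodedata

# Constructed sample data: addresses seen in earlier, trusted emails.
KNOWN_SENDERS = {"alerts@examplebank.com", "registrar@exampleschool.edu"}

# Characters often swapped for look-alikes (illustrative, not exhaustive).
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w",
               "\u0430": "a", "\u0435": "e", "\u043e": "o"}  # Cyrillic a, e, o

def skeleton(text):
    """Comparison form: lowercase, accents stripped, look-alikes folded."""
    text = unicodedata.normalize("NFKD", text.lower())
    text = "".join(c for c in text if not unicodedata.combining(c))
    for fake, real in CONFUSABLES.items():
        text = text.replace(fake, real)
    return text

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(address, known=KNOWN_SENDERS):
    """Return (verdict, matched_address); verdict is known/lookalike/unknown."""
    address = address.strip().lower()
    if address in known:
        return ("known", address)
    for good in sorted(known):
        # Same skeleton, or only a couple of characters apart: likely imitation.
        if skeleton(address) == skeleton(good) or edit_distance(address, good) <= 2:
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    for sender in ["alerts@examplebank.com", "alerts@examp1ebank.com",
                   "alerts@exarnplebank.com", "newsletter@shop.example"]:
        print(sender, "->", check_sender(sender))
```

A `lookalike` verdict is the case where confirming with the sender through a different medium matters most.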