If you think you are too smart to fall prey to any online scam think again. Cyber security experts say that cyber criminals are becoming more and more sophisticated in their operations making it really hard for the average computer user to detect a scam.
You will be surprised to know that some phishing emails can actually scan you’re your browser history, spot the websites most visited by you and configure themselves to look like those websites. For instance, a fake website resembling your bank’s official site could be set up. In such cases it is difficult not to trust the source as it is familiar to you. It is most likely that customers will click on a link or open a message that comes from a familiar source.
When internet browsers are asked to make a trust decision they often falter. Implicit trust decisions may include the decision regarding whether to open an email attachment or not or replying to an email sent by a familiar entity. On the other hand explicit trust decisions are those where trust related prompts like pop-up boxes ask the user to execute a downloaded application, etc.
What Is Phishing?
Phishing refers to the illegal act of tricking people into divulging their personal information like username, password, bank account details, credit card details, etc, by posing as a trustworthy party. Phishers are tech-savvy people who con people and carry out identity theft. They may use emails, text messages, SPAMs or fake websites to con you.
Phishers usually pretend to be legitimate organizations and may use email to communicate with users and ask them for personal information. They may also use emotional language or scare tactics or may even make an urgent request to push the user to respond quickly. The fake site looks exactly like the original site as they use copyright images from the original sites.
So if you suspect a site is fake you can do a few things to verify if it is really so.
Check the URL-is it correct?
Always look carefully at the web address of any website that you visit. If you are not sure about how a company name is spelt or you do not know the exact URL of the site cross check and confirm both, the spelling and the address before you spend too much time on the site. Many fake sites take the advantage misspellings of a name to fool people and trick them into divulging their personal information without realizing that they are not on the real site. The user cannot be blamed for this because the fake site looks exactly like the original one. Please note that even if one letter or number in a URL is different it is enough to put trap you.
Check The Links: Do They Work?
Some of the phishing sites include links in the exact places where the real company places the links. But if you move over the links in the fake site you will either find that they are not links or they do not open. Even if the links open they might lead you to blank pages. Most of the fraudulent sites are not exact replicas of the real site. They contain just enough information to be able to fool you.
Find Out Who Has Sent The Original Message?
Most of these online scams start with sending you emails which make you believe that they are a legitimate company with whom you deal. For instance, they may pose as your bank, or PayPal or any other company. They will start by saying that there is some problem with your account and that your account may be suspended if you do not verify your identity by providing all your personal information. The email will also contain a link that will lead you to the fraudulent site which looks exactly like the original site of the company you deal with regularly.
If you look at the web address of the site that the link leads you to, you might find that it is not the real site. However, that may be too late a realization as some of the phishes are smart enough to put a Trojan into your PC the moment you click on the link. This Trojan will start recording each keystroke you make and send it across to the scammers.
You can avoid this situation by checking the email address of the sender before you click on any link that is present in the mail. Most phishers have a private email account or even a free one through hotmail, Yahoo, etc. This is the biggest indication of a scam.
If you suspect that a particular site is fake just do not click on any link. If you are worried about your account just call up your bank or the concerned company and verify if everything is fine. Also inform them about the phishing email you have received.
Check If The Website’s Address Starts With https: //
If a website’s address begins with https it means that the information shared will be kept secures and encrypted. Do not enter your credit card number or any other personal or sensitive information on a site that begins with http instead of https.
Look For The Lock Icon
Most popular browsers will include a lock icon somewhere on the browser interface itself. A lock icon present on the web pages does not make any sense.
Find Out About The Company
You can find out about any company searching about them on the internet. You need to ascertain whether a particular company is a legitimate company or not. Another thing you can do is type in the company name followed by the words scam, fraud or rip-off on Google and see what comes up in the results.
Most of these fraudulent websites contain viruses or spyware which may continue to run in the background without your knowledge. Thus, it is always better to have good anti-virus software installed.