How to Protect Yourself from Phishing
It is said that the weakest link in security is the end user and this holds so true in case of phishing, which is a form of identity theft that takes advantage of naivety of the user. The end user is tricked into visiting shady websites which look like the genuine ones but are in fact fake websites where user’s login credentials and other critical information are stolen.
Since phishing relies on the end users ignorance, therefore, there is not much that can be done by the online websites to stop phishing attacks. And the only way to reduce the impact of phishing attacks is to educate the end user about how to protect you from phishing.
You can remain safe from such phishing attacks if you follow the general common sense and keep the following things in mind while you are spending time on the internet:
Phishing mostly originates from a spam email. Therefore, exercise maximum possible caution while reading and opening emails. Generally, you should take the following kinds of emails with a grain of salt:
- The emails that are from unrecognized users
- The emails that threaten you of some kind of consequences if you do not act fast
- Emails that stress that you submit some kind of personal or financial information like banks login etc.
When you are submitting some critical information, always ensure that you are at the original site by looking at the https: in the address bar and also read the website address in the bar to ensure that it is not a fake website. And prefer phone if you want to submit some kind of private and personal information. And even in case of phone, never submit your personal information unless you have initiated the call yourself and you are sure that you are not talking to a scammer at the other end.
Exercise caution while clicking on links from unknown sources or downloading files from senders you do not trust. Never click on links blindly because these phishing sites are created professionally and an unsuspecting user can be easily tricked into believing these to be original sites.
Never use email medium for communicating financial or personal information because it is not safe to send critical information via email because the information travels in unencrypted format and can be easily intercepted by hackers.
When you receive request for personal information via email, try to contact the originator even if it is a genuine company because most of the times, genuine websites do not request personal information via email. Try to establish contact via phone in such cases before you proceed to submit your information.
Especially beware of popups if they ask you to submit information because it is highly unlikely that a genuine enterprise would ask you to submit your information via popups. Also try to refrain from clicking on links that are presented in the popups because phishing websites trick users into clicking on these links for stealing personal information.
Keep yourself protected with an updated anti-virus, a firewall and an anti-phishing software to ensure that you are protected in real time while you are browsing on the internet. Always take the alarms triggered by this software seriously and try to not visit websites that are flagged as phishing sites. Sometimes even genuine websites are hacked and during that time, it is not advisable to visit these sites, especially when Google also lists these as phishing sites in their search engine results.
Always be on your guard on the internet because hackers are always trying techniques like phishing to rob you of your identity.