How to spot a phishing site (FAKE SITE)

Just as we face deception in the real world, we are also subjected to the same predicament when we log onto the virtual world. Thanks to technology advancement, almost everything that can be done in the real world can also be reciprocated in the virtual world with easier, faster and more efficient results.

Gone are the days of doing things the old fashioned manual way, nowadays one can have the same thing done with just the click of a mouse button.

Stuff like renting an actual business premise to setting up an online site to sell services and products, from sending mail via postal services to sending instant emails with the click of a button.

But just as one can get robbed on a trip from the supermarket, one can also get robbed from the comfort of your own computer screen. In short, no place is safe and as the phrase ‘Knowledge is Power’ dictates, knowledge only guarantees you a 99.9% safe zone from all deceptive encounters while the 0.1% is up to you and how you use the knowledge.

There are various ways in which people can get swindled off the internet and the one that this post aims to concentrate upon is the art of Phishing.

The term Phishing refers to the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Here are a few tips on how to spot and evade phishing attacks;

1)      EMAIL SAFETY

  • DO NOT click on any suspicious links in emails unless you have authenticated their origin.
  • Only Click on links from veritable sources which are as a result of your inquiry. Such links are like verification of accounts or password renewals.
  • If a link resembles a particular URL of a website, it is wise to type the web address manually in your browser and get directed to the site rather than using the link to get to the site.
  • DO NOT give out personal information like credit card numbers, social security numbers, bank account information etc in email messages (most scammers post fill out forms to obtain your information)
  • DO NOT let emotions overcome you (as in the case of the Nigerian scams). Phishers typically use upsetting or exciting (but false) statements to get people to react instantly.
  • DO NOT reply to an ‘official’ looking email until you have verified its authenticity. Such ‘official’ emails maybe purportedly from your bank asking you for your PIN CODE in-order to verify your account OR a job offer from a reputable company requiring that you send some money in-order to facilitate for some made-up requirements.
  • If an email sender tells you NOT to leak out any information about the email you have just received, that should be enough to indicate a RED light to a possible scam.

2)      BROWSER SECURITY

  • Always ensure you are on a secure website when submitting sensitive information like credit cards and passwords.
  • Phishers are now able to ‘spoof,’ or forge BOTH the “https” that you normally see when you’re on a secure Web server AND a legitimate-looking address. You may even see both in the link of a scam email. Again, make it a habit to enter the address of any banking, shopping, auction, or financial transaction website yourself and not depend on displayed links.
  • Phishers may also forge the yellow lock you would normally see near the bottom of your screen on a secure site. The lock has usually been considered as another indicator that you are on a ‘safe’ site. The lock, when double-clicked, displays the security certificate for the site. If you get any warnings displayed that the address of the site you have displayed does NOT match the certificate, do not continue.
  • Remember not all scam sites will try to show the “https” and/or the security lock. Get in the habit of looking at the address line, too. Were you directed to PayPal? Does the address line display something different like “hxxp://www.gotyouscammed.com/paypal/login.htm?” Be aware of where you are going.
  • If unsure of a particular website’s URL, use search engines to be make sure you get to the right website because most websites possess almost the same name differentiated with only a single letter.
  • Use security add-ons in your browser so as to know which site is safe and which one is risky.
  • AVOID clicking on pop-up links because most of them secretly download malwares into your computer which hackers may use to obtain personal information from your computer.
  • If unsure about a particular site’s reputation, try using search engines to verify their status. For example if you suspect that a particular site X is a scam, you can try googling, ‘’Site X scam’’, you can be sure if it is a scam site that has swindled many, you will be able to tell from the search results.
  • AVOID using proxy sites to browse sites that require your personal information like passwords because although proxy sites ensure your anonymity, information you pass through their servers may get intercepted by 3rd parties.

Source: Antiphishing.org

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s