Something Phishy About This: Understanding & Preventing Phishing
In our earlier articles, we already know that cyber threats are always out there. Due to poor network security or ignorance, countless of people has become victims of cyber-crimes. Being a dedicated antivirus and firewall dealer in Malaysia, Mewamax Solutions Sdn Bhd goes all-out to not only provide people with the best security software in Malaysia, but also to educate them on how to protect themselves from cyber threats. Today, we are excited to bring you another interesting network security topic… And our word of the day is ‘phishing’.
Let’s check out this scenario:
John receives an email from a ‘lawyer’ claiming that he represents a client who is John’s distant relative from overseas who has recently passed away. He informs John that this relative was a wealthy businessman and as he does not have any children, he wanted John to inherit his fortune that is worth 3 billion USD as part of his will. The ‘lawyer’ tells John that he is required to provide sensitive information for the transaction to take place by a stipulated date.
If John believes what he read and provided that information, then he has taken the bait and becomes a victim of a phishing attack.
In the following section, we’ll discuss more about the origin of phishing and how to prevent them.
Origin of Phishing
Phishing, pronounced as ‘fishing’ is a cyber-attack method in the form of a legitimate digital communication, commonly an email to lure victims into providing sensitive information voluntarily, for example a user’s login credentials or credit card details. Simply looking at an analogy, just as how it sounds, phishing is like fishing whereby a fisherman (hacker) throws a baited hook (phishing email) into the water, waiting for the fish (victim) to take the bait. In case you’re wondering why spelled with ‘ph’ instead of ‘f’, in the earlier days, hackers are known as ‘phreaks’. Thus, the ‘ph’ spelling was used for the word phishing. The first recorded mention of the word was as early as the year 1996.
There are many types of phishing attack such as deceptive phishing, spear phishing, pharming, CEO Fraud and more. Each attack has its own characteristics and tactics in deceiving victims (read more about types of phishing here). Regardless, their sole purpose is to deceive you into giving up your sensitive information voluntarily.
How Can We Prevent Phishing?
While there are several approaches in countering phishing attack, one of the best ways is to equip yourself with knowledge on how to identify phishing emails. Here are some common features of phishing emails:
Too Good to be True
3 billion USD, that’s a whole lot of money! But conveniently, you just happen to have a distant relative who wants you to inherit his fortune. Be mindful of the email content no matter how attractive the offers may be because this is how the phishers catch people’s attention and lure them into taking the bait.
“Your Facebook account will be terminated if you do not verify your details within 24 hours.” This is another common tactic used in phishing emails. Hackers will impersonate a legit organization (e.g. social media organization or bank), telling you that there is a time limit for you to take certain actions to avoid any inconvenience. Always verify the authenticity of such emails with the source before performing any irreversible action.
Suspicious Links or Attachments
Sometimes, phishing emails come with attachments or URL links. The attachments may potentially contain malwares that could cripple your computer system. Certain links may redirect you to duplicate sites with identical designs which could deceive you into believing the website is legitimate and voluntarily deposit your sensitive information into it. Always keep a close eye on the links by checking on any misspelling and avoid opening any foreign attachments.
Regardless who sent you an email, if you sense it to be unusual or suspicious, do not click on it. If it’s from senders you know, clarify with them if the emails were indeed sent by them before taking any action.
*Lastly, as an extra safety tip, avoid posting personal data or sensitive information publicly on social media. Doing so could prevent hackers from gathering this information and forge convincing phishing emails to deceive you.
While the tips could help you in recognizing these phishing deceptions, taking additional security measures can go a long way. Having a good network security is as important as having good network security knowledge in protecting your computers. As an authorized antivirus and firewall dealer in Malaysia, Mewamax Solutions Sdn Bhd puts clients’ network security as our top priority. We carry both Fortinet and Webroot, which are some of the best security software in Malaysia in safeguarding you from cyber threats.
For more information about these network security products, contact our friendly sales representatives at 03-6272 8031 or 017-2116534.