Phishing attacks are increasing in number and evolving in variety (newer methods include spear phishing and CEO fraud), putting at risk millions of users worldwide – actually, everyone with an email account. Why are they so popular among fraudsters and why are they so successful?
A phishing attack is an attempt by an attacker to convince you to give the attacker your username and password. A lot of these attacks use a website that mimics a log in screen from companies such as Google or Facebook.
The attack usually starts with an email, probably from someone you know, asking you to log in to view a file. If you aren’t expecting anything from that person, IGNORE THE EMAIL. The log in screen will look pretty convincing, but still have telltale signs that the site is not legitimate.
The URLshould have a secure lock, but that’s not enough. Phishing attacks nowadays will get an SSL certificate. In the URL will be the top level domain. If you are connecting to Google, it will have google.com in the url.