Securing yourself online – phishing attacks

Phishing attacks are increasing in number and evolving in variety (newer methods include spear phishing and CEO fraud), putting at risk millions of users worldwide – actually, everyone with an email account. Why are they so popular among fraudsters and why are they so successful?

Source: 6 reasons why phishing is so popular and successful – IT Governance Blog

A phishing attack is an attempt by an attacker to convince you to give the attacker your username and password. A lot of these attacks use a website that mimics a log in screen from companies such as Google or Facebook.

The attack usually starts with an email, probably from someone you know, asking you to log in to view a file. If you aren’t expecting anything from that person, IGNORE THE EMAIL. The log in screen will look pretty convincing, but still have telltale signs that the site is not legitimate.

Google will have google.com in the address, and does not use a drop down menu.

The URLshould have a secure lock, but that’s not enough. Phishing attacks nowadays will get an SSL certificate. In the URL will be the top level domain. If you are connecting to Google, it will have google.com in the url.

Start the discussion at discuss.eduk8.me