Phishing is a fraudulent activity and one of the easiest ways for cybercriminals to dupe us to break into our personal and financial information. Through phishing, fraudsters steal our data such as usernames, passwords, and debit card/ credit card details- and all this could be done by creating fake email ids, websites, and text messages with the intention to defraud users into opening the email/message and clicking on the link followed by putting our personal details.
Since the outset of the pandemic, the cases of phishing attacks have massively increased. Hence, it becomes all the more important for us to understand the ways we can detect phishing emails/ messages. Additionally, the Minister for Electronics and Information Technology has also quoted that the number of phishing incidents in India has more than doubled in 2021. In fact, the total number of phishing incidents has gone up from 280 in 2020 to 523 in 2021.
Here are the things that we keep in mind to identify a phishing link or an email.
Messages/emails requesting urgent action
Messages/emails that are intimidating in nature, threatening a loss of opportunity, or a negative outcome of ignoring immediate action. These are generally phishing emails. Cybercriminals usually use this technique to hasten the recipients into quick action before they even could read the content of the message properly.
Any communication asking for a login, and payment details
Any message or email requesting login details, financial information, or other sensitive data should always be treated with utmost caution. Phishers forge login pages that don't seem fake at all and send an email or a message with that login link directing the recipient to the fake page. The recipient should be mindful and alert enough not to put any information unless they are doubly sure that the website is real and legit.
Check the web address
You can check the website's credibility by closely looking at the URL. Ensure that the URL begins with an “https://” or “shttp://”. The “S” in the web address depicts that the webpage has been secured with a Secure Sockets Layer (SSL) cryptographic protocol. If a website doesn't have either of them, any data on this site is insecure and could be easily used by criminal third parties. Additionally, another way is to closely look at the spelling of a web address. To look authentic, phishers make small changes in the alphabet of a real web address. For instance, let's use 'Safehousetech.com', the letter 'S' could be replaced with '5' or an extra character could be added like 'Safehousetechh.com'.
Double-check the content and design
Yes, you read it right. Another way to identify phishing is to look for grammar and spelling mistakes. The phishing websites would generally have a poor sentence structure and poor language that might not sound like the professional language used by a genuine company. Likewise, websites that also have a poor design in terms of layout, font, colours, and low-resolution images should be labelled as suspicious. To be sure, you can visit the official website and take note of the differences.
Unbelievable rewards
Be wary of emails that claim some sort of
(This article has been written by Aditya Narang, Co-founder, of SafeHouse Technologies and edited by India TV. All the thoughts mentioned are personal and India TV takes no responsibility for the same.