PHISHING
Phishing is a type of attack which attempts to steal sensitive information like user login credentials, credit card number, etc. either through an email or through a pop-up window or a fake website. It occurs when an attacker is masquerading as a trustworthy entity in electronic communication. The emails may ask the recipient to click a link and provide confidential information like account number, username and transaction password, mobile number, address, debit card/ credit card number, CVV, PAN, date of birth, mother’s maiden name, passport number, etc.
Modus operandi of email phishing:
An attacker creates a fake email ID which almost looks like the real one, but there is always some difference.
For example, the attacker might create an email ID as ‘ID@HundreadBank.com’ instead of ‘ID@HundredBank.com’.
At first glance, both the email IDs would appear genuine, as there is only a slight spelling mistake but if the victim is in a hurry, he/she might end up interacting with the spoofed website and share confidential data.
Modus operandi of website phishing:
- An attacker creates a fake website which almost looks like the real one, but there is always some difference.
- For example, the attacker might create a website and name it ‘Hundread Bank’ instead of ‘Hundred Bank’.
- At first glance, both the sites would appear genuine, as there is only a slight spelling mistake but if the victim is in a hurry, he/she might end up interacting with the spoofed website and share confidential data.
Security measures:
- Be cautious while clicking on links, downloading files, or opening attachments in emails, especially ones received from unknown senders.
- Be cautious while providing your personal details on any links or pop-ups.
- Carefully observe the website name / email ID before sharing any data.
- As a best practice, do not transact or share any confidential data on websites not starting with https:// (where s stands for secured).
- Protect your computer or mobile operating system with updated anti-virus and anti-spyware softwares.
- To report any phishing attack, kindly write an email to info@amcblanand.com.
Always remember: Jo Satark, Wohi Surakshit!