Welcome Guest, Not a member yet? Create Account  

Protect Yourself Against Phishing
#1
(This post was last modified: 10-06-2017, 08:23 PM by Mike.)

How to protect yourself against phishing


1. What is phishing?
  • Phishing is the method of stealing login info(usernames and passwords) by directing the victim to a clone(fake) login page, that logs the login info without the knowledge of the victim.
  • Such clone website is known as a phisher.

2. How to protect yourself against phishing?
  • Use your login info in the correct places only.
    Don't ever put your login info anywhere else than the page you registered to, unless it's a trusted service you know(such as youtube or blogger asking for your google account's info).
  • Make sure the website you're logging in isn't fake.
    Whenever you login to a website, if you didn't type the URL(address) of the website yourself, i.e. if you clicked a link that led you to the login page(from message, website, search engine results), always check the url(address) to see if you're in the right place.

  • For instance, if you're logging in your facebook account, make sure the url appears as http://www.facebook.com/...
    Where a phisher page would look like http://www.facebook.freewebs.com/... or http://www.facebook.spam.com/... or any url whose part before the .com isn't exactly the same as the page you want to login to.
  • Make sure the links you're clicking aren't fake.
    Whenever you're clicking a link, check where the link goes before clicking it. Links can be masked to appear as something else than the page they're leading to. For example, http://www.google.com leads to yahoo instead of google. Fortunately, in most browsers, whenever you point your mouse cursor over the link, the true location of the link is displayed on the bottom left part of the screen. Try it with the above link.
    This is particularly important because it can protect you from another, rarer but more dangerous method called cookie stealing, which is basically automatically stealing your account if you're previously logged in the website.
  • Know that links to phishing pages are usually spread via email, and often represent impersonating trusted services and persons, such as making the email appear as it's sent from the website you've registered to, or a friend of yours whose account has been compromised.

3. What to do if you have spotted a phisher?

Report the phisher as soon as you can.



[Image: TQzc844.png]
Likes 0
#2

This honestly should be taught in schools, It's quite sad how many people get hit by a phish attack.
Likes 0
Reply
#3

(11-17-2017, 12:46 PM)Mentalist Wrote:
(10-26-2017, 04:17 PM)Vespei Wrote: This honestly should be taught in schools, It's quite sad how many people get hit by a phish attack.

Couldn't agree more!

I'm tempted to work on software with known phishing sites. Will redirect to a local html file saying "Phishing attack detected"
Likes 2
Reply
#4
(This post was last modified: 11-28-2017, 06:03 PM by Sad.)

@Vespei, make it a web-browser extension
Likes 0
Reply
#5

It should be mentioned that phishing is not always obvious, the methods are getting more and more advanced and even if you know about it, you can still get phished.
Likes 0
Reply




  1 Guest(s)