How To Spot Phishing Attack/Link: What To Do And What Not To Do

by Micheal Olorunwumi

Phishing attacks are cyber crimes where victims are tricked into taking certain actions. This leads to the stealing of a phone or computer user’s details such as bank account information, credit card numbers, passwords, usernames, etc.

Attackers often parade themselves as an authentic brand or company reputable enough to lure victims. As bait is to a fisherman, so is phishing to attackers. Hence, in this article, you will learn how to spot, prevent, and stop phishing attacks. Follow me.

Types of Phishing Attacks

The most popular phishing examples are used to uncover other scam-like actions like cross-site scripting, and on-path attacks. These sorts of attacks are typical of SMS or text messages, and particularly, emails. 

  1. Advance fee scam

This widely used email or SMS phishing attack is also called “Nigerian Prince” emails, where some claim to be a royal head desperately about to commit fraud, request for the transfer of a small amount of money as upfront to credit the victim a huge amount of money, afterward.

In the end, the victim sends the small amount requested by the scammer and, unfortunately, does not receive anything. The only way to avoid this is to avoid such phone calls, text messages, or emails.

  1. Account deactivation scam

In this case, the victim receives an SMS, mail, or phone call, that the attacker claims to be from a reputable company or bank and tells the victim that his account is about to be deactivated, and that access to the person’s login credentials like password, PIN and account number will stop the deactivation.

The smartest move against this is to rain insults on the caller and end the call. Then head to your bank’s authentic website (take cognizance of the URL) and see if indeed, you are required to reactivate your soon-to-be deactivated account. Wherever your password and login details are requested on the net is insecure, run with your feet touching your head.

  1. Website forgery scam

Twinned with an account deactivation scam, the victim is made to visit the website of a known, legitimate business that is a complete virtual replication of the ideal bank.

The web links could be through a search engine (like Google or Bing), a hyperlink inside an online forum, or an email phishing method. Once the victim visits and inputs all the requested info, these details are collated and that is the beginning of an end.

Checking the URLs of every link in this regard is important. They will always be different from the legitimate ones. Check if it’s https:// or not. Otherwise, the site could either be a phish god or be broken.

Other similar phishing attacks that are completely fraudulent are:

  • Misleading ads and website pop-ups that claim that a security problem is on your device.
  • Fraudulent SMS, voicemails, and calls impersonating customer support.
  • Scam promotions that entice with free prizes and products.
  • Unsolicited subscriptions and calendar invites.
  • Fake caller ID to threaten to drop your bank account information, and ATM card numbers.

Read also: How to Identify and Call Out Fake Bank Alert

Categories of Phishing Attacks

Breaking them down into a couple of categories will give you knowledge about the various phishing attacks and how to spot them.

  1. Spear phishing

It is one directly made for an individual or company. It gathers or buys info about a target. You can call it a personalized scam because it has been the most effective form of phishing.

  1. Clone phishing

Clone phishing is a way of replicating the design, style, and entirety of a legitimate company by sending emails to victims for scamming.

For instance, an SMS or email with malicious links and files attached comes in the name of the original filename, but in a spoofed email, thereby, leveraging on the trust the victim has in that brand or company to make the fraud successful.

  1. Whaling

The name comes from the fact that this type is direct and mostly targeted at senior executive officers and workers in a company. 

Most times, the scammer sends whaling emails pretending to be from the CEO to the head of finance or a supreme worker in the account department, requesting for urgent transfer of funds which will later end in the hands of the attacker.

Read also: What is Cybersecurity: How to Protect Your Business From Internet Security Threats

How To Detect Phishing Attacks

Scammers lure victims by impersonating people or companies in an attempt to get certain details. You can prevent this by paying attention to the following:

  • The phone number or email address used to contact you does not match the one you submitted to the company while registering
  • The phone number or email used to contact you does not match the company’s name
  • The website link seems good but it is not in line with the company’s name
  • The sender asks for credit card number, BVN, NIN, and account password
  • The message you received is completely different from the one you are fond of receiving from the company
  • The sender claims to be offering job opportunities by clicking links that are awkwardly written.

Are you a writer and want to hone your writing skills? If yes, join Insight.ng’s Writers Community.

How To Prevent or Stop Phishing Attacks

We have discussed how to avoid phishing attacks, but that’s not enough, because scammers devise new ways of having successful operations. However, these tips will go a long way to keep you from falling victim:

  • Enable TWO-FACTOR AUTHENTICATION on your financial and exclusive applications.
  • Do not use simple passwords for your applications.
  • Not all links on the internet are meant to be clicked. Pay attention.
  • Download authentic phishing protectors on your computer or smart devices.
  • Do not disclose your details to a stranger or people you don’t trust.
  • Immediately decline fake calls that claim to be from your bank or someone with a high reputation.
  • There is nothing like free money from the president or senator. Visit their verified social media accounts to authenticate.
  • Work hard and smart, and stop being cajoled for peanuts at the expense of your bank account balance.
  • Talk to people’s attention around you when you notice they are uneasy. 

Read also: A Comprehensive Guide to Information Security and its Importance to Nigerians

Conclusion

With all we have discussed above, you’ll be able to protect yourself from being a victim of the numerous phishing attacks that have plagued our world. Stay safe.

We hope this was helpful to you. Subscribe to our newsletter to be notified of our latest valuable and insightful posts.

Edited by Oluwanifemi Akintomide.

About Author

Avatar of Micheal Olorunwumi
Micheal Olorunwumi
Michael Olorunwumi, is a final year student at the University of Ibadan, studying English language and Education. He is an SEO content writer, spoken word artiste, poet, Kampala textile designer, and rapper.

Related Posts

Leave a Comment

× Say hi
-
00:00
00:00
Update Required Flash plugin
-
00:00
00:00