In my previous post, How to protect your " Sensitive Account " Info of getting HACKED - Phishing Method ( Part 1 ), you see how black hat hackers, try to steal your sensitive account information and how they do it in a nice, well crafted, genius way. You also learned one simple idea of how to protect yourself from this fraudulent act. You also learned how phishing is disguise as a official looking copy cat site. Now I'll try to detail out and elaborate more of how this technique come to you as a bait. I'll also try to give you more information of how to fight Phishing and prevent you of being the next victim.
First, when phishers ( hackers ) begin the fraudulent act, it will copy a high profile website, the exact copy of how a certain website appear in the Internet, like you see in Part 1, exact copy of Paypal Website.When done, they will upload it in a free Web Hosting Site that will store the copy-cat site. Then the hackers will send millions of emails ( just like spam email ) with link to that replicate fraudulent site, or try to get your attention by giving you false information that your account will no longer valid if you did not update it. When the victim believed that his/her account needed to update and enter his/her account information , it will send an email back to the hacker revealing your sensitive information. That's simple as it is to do this kind of act.
How to protect yourself :
- When you receive an urgent email and it says that you will need to update, verify your account for better security or any other reason, or your account have problems and you will need to update this by following certain link stated in the message, because if you failed to do so will result in account suspension or any problems, then BEWARE..Some sort of scare tactics. Try not to be in panic, analyze first, look at the link, like the example in Part 1. And if you accidentally click the link, ask yourself first whether to put your log-in information, as I've said look always for HTTPS when dealing online transaction, whether be your social site account, online bank or money processor and other Internet account that needs authentication.
- Look again at the URL box, where the address of the site is located, to be sure that you are in legitimate site, Click the green Padlock icon, this is also one way of verifying that the site is trusted and not a phishing site. Refer to the image, you see the " Identity Verified " , then it is the legitimate one.
3. Update your Anti-Virus and Anti Malware for added protection.
4. Most Browsers Google Chrome, Mozilla Firefox, IE Version (7,8,9), Opera have specialized security to deter the onset of Phishing page. If your browser is regularly updated then it is also an additional protection. See the image below of how this common browser handles Phishing site.
Google Chrome
Mozilla Firefox
5 . Sometimes when you try to share certain link, a pop-up window will appear, and you need to enter your log-in information . Beware also, it's common in social sites to share something that its valuable. But be aware of what you are clicking. See the image below. Look again for the HTTPS and click the padlock green icon to view the certificate before you proceed.
This pop-up window (refer 2nd image above) is common method of hacking a gaming online account, the hacker will convince the online gamer to join their group, and when the victim is persuaded, a pop-up window will appear or another window, that saying you must log-in to continue, unknowingly that you are already log-on to your account ? you get the idea ? like in Facebook, if you are already log-in to your account and if you are using the same browser, you don't need to re-log in to your account again just to share a valuable link or join in any group. That's how clever the hackers are and if you didn't know this, then goodbye to your account.
6. Try to invest in other software Firewall to boost your security. It is also to have a Anti-Spam software to block spam emails..But if your budget is tight, a simple move of Educating yourself is the best way to combat Phishing attack.
7. And when for example you are a victim of this fraud, better to contact the support site of your account and report immediately, so that they will do necessary steps to safeguard your account.
Try to have more research. I'll recommend some site to update your knowledge.
Stop.Think.Connect ( http://stopthinkconnect.org/ ) - a consumer awareness program
Antiphishing Org - ( http://www.antiphishing.org )
SecurityCartoon - ( http://securitycartoon.com/ )
" So for now you have the best knowledge to protect yourself, be an angel and share this information. "
Thanks...
No comments:
Post a Comment