Phishing Attacks: How to Recognize and Avoid Them

Phishing is classified as the most common type of cyberattack wherein cybercriminals deceive the victim by getting personal information, passwords, credit cards numbers etc, by pretending to be an entity which the user trusts. A good example can be when a conman represents himself/herself as a bank personnel, and asks for account details, or if someone sends out a false email requesting money from people while pretending to be a trusted friend.

In its simplest form, an example of this is the case of bank phishing when users receive emails allegedly sent by bank representatives, encouraging them to click a link provided in the email to ‘verify’ their accounts. Some of the emails may appear very authentic since they feature the bank’s logo and contain official words, but clicking on the link provided in the email directs one to a counterfeit of the actual bank. The instance is more common in today’s world, where once the login detail is given, hackers gain access to the unsuspecting client’s account.

In 2016, the hackers managed to breach the Democratic National Committee (DNC) via a phishing attack. A company that targeted employees sent emails which came from trusted sources and directed the employees to malicious links. The attack itself compromised a lot of information and the related scenario showed the world how dangerous these attacks are.

Think about phishing as a thief attempting to dupe you into handing over the keys to your home. The best approach to protect yourself is to be vigilant and verify who is requesting your information before providing it.

To avoid phishing, always be cautious of unsolicited emails that ask you to click links or disclose personal information. A good rule of practice is to never click on links in emails from unknown senders, and to always confirm the legitimacy of any request by contacting the organization directly.