Are You Aware of the Danger?

(Phishing)

Mehmet Ali YAGIS
Jun 3, 2021

Phishing is one of the oldest and most effective types of attack in internet history. Its general aim is to steal passwords, identity information or similar sensitive data by sending false messages about gifts, discounts or other interesting offers to victims’ e-mail accounts.

When a victim clicks a malicious link in one of these e-mail messages, they can fall prey to the attacker. By running infected files sent as e-mail attachments, victims can also have their computers hijacked by the attackers.

The e-mails appear to come from known websites or from the user’s bank, e-mail provider or internet service provider. However, this is a complete deception. The attacker prepares a “bait” and waits for the “fish” to bite. Being aware of such frauds is necessary to avoid great losses.

A person or staff member trained against phishing attacks approaches incoming e-mails, and the websites they are directed to, with a particular mindset. The important point is that the person asks some questions. The answers to these questions keep them from falling into a big trap.

* Does the e-mail come from a reputable legitimate e-commerce site, financial institution, e-mail provider or internet service provider?

* Are you asked to provide your personal information?

* Does the e-mail, or the website to which you are directed, use emotional or exciting words to get a response from you?

* Are there any spelling or grammatical errors in the e-mail or website?

* If you are directed to a website through a link in the e-mail, does the URL at the top of the browser match the URL of the legitimate company that you think you are visiting?

Here are a few suggestions that will save you from being the fish that takes the bait:

* The password you use for your e-mail account must be different from the passwords for your other accounts.

* Never respond to e-mails asking for your personal information. If you are not sure who the incoming e-mail is from, ignore it. Remember, no institution or organization asks you for your personal information via e-mail.

* The institution you work for will never send you an e-mail asking for your personal information or password.

* Do not click on URL links in suspicious e-mails. Never click on shortened URL links (bit.ly, ow.ly, tinyurl.com, is.gd, goo.gl, tiny.cc, cli.gs, etc.) in e-mail messages.

Now you are aware of the danger of phishing, because you have fulfilled the most important rule: you are knowledgeable and conscious!
