How to avoid phishing

How to fight against phishing on the Internet?

Phishing refers to those emails you may have already received that invite you to renew or to give your credit card number or to access to your bank account. Indeed, according to the Anti-Phishing Working Group, phishers are able to convince up to 5% of recipients to respond. So please, be careful and refer to the following 10 tips to discover how to avoid phishing:

1. Be cautious with emails and personal data

You should keep private your PINS or passwords, without writing them down anywhere. Avoid phishing passwords: do not use the same password for all your online accounts. Use common sense when reading emails. If something seems implausible or too good to be true, then it surely is. Be especially cautious of emails which come from unrecognized senders and are not personalized. And do not reply to emails where people ask you to confirm personal or financial information over the Internet and/or make urgent requests for this information.

2. Do not respond to emails which refer to your financial or bank profile

Just be logical: banks or e-commerce businesses usually personalize emails, and phishers do not. Phishers often include false but sensational messages, such as “urgent – your account details may have been used by someone else”) so as to create an immediate reaction from the person who receives such message, which is also usually full of typing mistakes or syntax error. Trustable companies do not ask their customers for passwords or account details in an email.

3. Beware of pop-ups

Just follow these tips: never enter personal information in a pop-up screen. Also don’t click on links in a pop-up screen. Do not copy web addresses into your browser from pop-ups.  Plus be aware that companies should never ask you to submit personal information in pop-up screens, so just don’t do it.

4. Type the URL of the bank websites into the address bar

Phishers often use links within emails to direct their victims to a spoofed site, usually to a similar address such as mybankonline.com instead of mybank.com. When you click on the URL, it can show in the address bar it is a genuine, but there are several ways it can be faked, taking you to the spoofed site. If you suspect an email from your bank or online company to be false, do not follow any links embedded within it. Just call the financial organisation implied in the spam or report it to such anti-phishing websites as http://www.antiphishing.org/ or http://www.google.com/safebrowsing/report_phish/

5. Make sure the website you are visiting is secure

Before submitting your bank details or any sensitive information, here are a few things to do to make sure the site uses encryption to protect your personal data: check the web address in the address bar. A website starting with “https://” (“s” for security) rather than the usual http:// is a proof that it is based on an encryption mode. Refer to the lock icon on the browser’s status bar. But consider the fact that if the website is using encryption, it doesn’t necessarily mean that the website is legitimate.

6. Keep a smart eye on your accounts 

Regularly log into your online accounts and check your statements. If you see any suspicious transactions, report them to your bank or credit card provider. Don’t postpone such reporting, as phishers are smart and fast.

7. Phishing has no borders

Phishing knows no boundaries, and can be written in any language. In general, they are quite poorly written or translated though, so this may be another indicator that something is wrong.

8. If you have the slightest doubt, don’t take any risk

The best way to prevent phishing is to reject consistently any email or news that asks you to provide confidential data. Delete these emails and call your bank to clarify any doubts. Even if you think the email may be legitimate, do not respond – contact the company by phone or by visiting their website. Be cautious when opening attachments and downloading files from emails, no matter who they originate from.

9. Make sure your computer, phone and tablet are secure

Some phishing emails or other spam may contain software that can record information on your internet activities (what is called spyware) or open a ‘backdoor’ to allow hackers access to your computer (Trojans). First, install anti-virus software on your computer. And if you want your Internet connection to be secure and anonymous, choose a VPN. A VPN service encrypts your Internet connections and keeps private the sites you have visited and the information you have left on them. You will protect all your internet activities with a secure virtual VPN tunnel with a military-strong encryption. You will thus make sure that sensitive data remain yours only. This is the only and best way to avoid phishing

10. Come back to read more about malware

If you want to be up to date with the latest malware attacks and evolutions, recommendations or advice to avoid any danger on the internet, etc … make sure to read Le VPN Blog and follow us on social media.