by
Adam Haertle
Zaufana Trzecia Strona
The cyberspace may be as dangerous as the real world. Sometimes you simply respond to an e-mail allegedly sent by your bank, and you find yourself in a blind alley. Criminals have a proven tool to back their victims into a corner: phishing. This tool is used ever more often.
Article prepared in cooperation with the platform ZaufanaTrzecia Strona (Trusted Third Party).
How to ensure your online security?
Do you receive a few or dozens of e-mails every day? You transfer money via electronic banking and make shopping... Cyber-criminals keep perfecting their techniques, but more often than not they use one of the oldest methods – phishing. It is a relatively new word, so it is worth learning what it really means.
What is phishing?
Phishing is obtaining sensitive data by disguising as a familiar institution or person. Most often these are bogus e-mails. The victim sees an e-mail from a mobile phone or Internet operator, or their bank in their inbox. The message looks genuine. Its look – graphics, fonts, colors – is identical to the legitimate one. Nevertheless, the e-mail has been sent by criminals. The institution that has allegedly sent the message, is oblivious of the situation.
Why is phishing dangerous?
Criminals have one aim – to persuade their victim to open an attachment or a link. They constantly update their messages to increase their credibility. They are “up-to-date” – they use popular events and social media. Sometimes they even have authentic data of their victims. The victim has no choice: click the indicated link or else you lose access to your account, money and services. The victim often yields under pressure. Then, the second stage of the attack is launched – the victim is redirected to a bogus website of the bank, a payment gateway.
If the message did not come from the company that sends our phone bills or from your bank, then the website you are redirected to is not authentic. It is a bogus website – copied by the criminals and placed under an address that does not raise any suspicions of a less perceptive person.
What will happen if I respond to phishing?
The key moment is when the victim logs on a bogus website. When you enter your login and password, you actually give them to criminals without realizing it. And it only takes them a few minutes to log onto the bank’s authentic website with the data they received and be granted access to the victim’s account. They just need to “empty” it.
Your last resort
In order to do so, they need to create or change a trusted transfer. Therefore, criminals send their victim another message: change your password to secure your account, confirm payment or your phone number. It doesn’t matter what they ask, as long as they persuade the victim to confirm the operation with the received code.
The code the victim receives via a text message does indeed come from their bank. However, it is generated to change the data of the transfer. Criminals hope that the victim will be careless and not read the content of the text message before automatically entering the code.
The code the victim receives via a text message does indeed come from their bank. However, it is generated to change the data of the transfer. Criminals hope that the victim will be careless and not read the content of the text message before automatically entering the code.
Citi Handlowy – keep up to date with online threats
Citi Handlowy - Be one step ahead of potential threats
While the internet and the digital technologies have made our lives much easier, they may also pose some threats.
How can you defend yourself against phishing?
The most important weapon against criminals is common sense. Banks never send e-mails asking to change your login data. Neither do they send links or attachments with such links. So, if you receive a suspicious request via an e-mail, a text message or a Facebook chat, you should ignore it. Secondly, if you have already clicked the link, you should check the valid security built in every online banking system. If you are on an authentic website, you will see a green padlock and the name of the institution. Just one look at the address bar will let you verify if you are on an authentic or bogus website. If the green padlock is not followed by the name of the bank – it is the latter. The address will also be different than the bank’s actual website. It is also worth installing an updated anti-virus software. It can identify phishing and warn the user about giving their data to criminals. You should also update your operating system, web browser and office software on a regular basis. All this will hinder a potential attack.
Read also:
Buying online? Learn the golden rules of secure online payments
Since smartphones became popular, we have started to buy everything online – from toys to clothes and furniture, concert tickets, food, and books. We also book faraway holidays and theater tickets. We make online payments every day using different devices. How can you make sure that your transactions are secure?
Published over 6 years
from Citi Handlowy Magazine
