How to Avoid Phishing via Tricky Web Domains?

Phishing, in practice, consists of emails containing URLs (links) to doubtful domains. How do we avoid phishing via tricky domains? How can we spot them?

For instance, you receive an email (prompting you to verify your account by providing any of the following: name, address, card number, password) containing this URL: https://bankofamerica.mysite.com.

  1. Neither a bank nor any other company would ask for your personal data: they already have it.
  2. No one ever asks for your password. Passwords are your secret, never to be shared with anyone.
  3. The names of prestigious companies are used in links to trick you into clicking them. If a link contains a company name followed by .something.com, that link is most probably a phishing attempt.
  4. Get in touch with a representative of the supposed email sender and confirm with them, reporting any suspicious electronic communication you may receive.

Companies need to regularly scan their databases to find out whether there are domain names that appear to trick innocent people into believing they are affiliated with another famous company, like Facebook, thereby gaining the trust of readers. The readers, in turn, trust such sources and reveal potentially sensitive information about themselves and their loved ones.
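The check from point 3 of the list, and the kind of domain scan described in the paragraph above, can be expressed as a comparison between the brand mentioned in a hostname and the domain that was actually registered. This is an added example, not code from the original article; the brand list, the short suffix sample and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list (assumption): brand keyword -> domains the brand really uses.
BRAND_DOMAINS = {
    "bankofamerica": {"bankofamerica.com"},
    "facebook": {"facebook.com", "fb.com"},
}
# Small constructed sample of two-label public suffixes. A real scanner should
# load the full Public Suffix List instead of this sample.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def registrable_domain(host):
    """Return the part of the hostname that somebody actually registered."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_link(url):
    """Return (verdict, registrable domain, brand found) for one URL."""
    host = (urlsplit(url).hostname or "").lower()
    reg = registrable_domain(host)
    # Strip separators so "bank-of-america" or "bank.of.america" still match.
    squashed = host.replace("-", "").replace(".", "")
    for brand, legit in BRAND_DOMAINS.items():
        if brand in squashed:
            # The brand name is present: it is only genuine if the registered
            # domain is one the brand owns. Anything to the left of the
            # registered domain is chosen freely by whoever owns that domain.
            return ("ok" if reg in legit else "suspicious", reg, brand)
    return ("unknown", reg, None)


if __name__ == "__main__":
    samples = [  # constructed sample links; the first is the article's example
        "https://bankofamerica.mysite.com",
        "https://www.bankofamerica.com/login",
        "https://facebook.secure-login.co.uk/verify",
        "https://example.org/",
    ]
    for url in samples:
        print(check_link(url), url)
```

A verdict of "unknown" only means no listed brand appears in the hostname; it says nothing about whether the link is safe.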

Phishing is not a one-way problem that can be prevented by stopping such threatening emails from reaching employees; instead, it is considered a two-way problem.

Spear phishing is more lethal since it involves incoming mail from someone you already know in one way or another. Once you open the email, you are either directed to a malicious website or asked to enter your valuable information before proceeding.

Make sure you do not disclose any information without being very sure who you are communicating with.

There are a few simple techniques that can help you avoid phishing via tricky web domains:

Cryptographically sign your emails from an authentic email server. This way, the person who receives the email can tell, by verifying the signature, that the mail has come from the person in question. This technology is known as DKIM (DomainKeys Identified Mail).

Another technology is SPF (Sender Policy Framework), where the recipient can verify the incoming IP address against a list of authorized IP addresses.

Avoid using any of the available public networks.

Watch for spelling errors and shorter links.

Be aware of the pop-ups you receive.

By using these tools and paying attention, you can prevent outbound phishing and also stop inbound phishing.


Adrian
