Phishing Attacks - Be Vigilant, Be Safe
What are Phishing attacks
Any fraudulent communications over emails, SMS, phone calls or any other communication mediums that most of the times look like coming from a trustworthy source which intend to leverage human emotions and steal sensitive information like passwords, gain access to systems and create harm by installing malwares or even worst, by making fraudulent monetary transactions.
Phishing attacks are the type of cyber-attacks that are most prevalent and harmful. Amid the Covid-19 pandemic such attacks rose by almost 300% last year in India to reach 1,158,208 compared to 394,499 in 2019
According to published statistics, 75% of organizations around the world faced phishing attacks in 2020. There has been a substantial increase in Business Email Compromise (BEC).
Common types of Phishing attacks
How does it work
Gone are the days when you get a call or SMS saying “you won a lottery” and you say laughing “I never bought a ticket dude, don’t try to trap me”. Now the attackers often study the victims to find an opportunity to be able to pretend themselves to look more authentic and trustworthy. They make use of victim’s social accounts and the information shared over these accounts. E.g., it is very easy to find out names of a person’s colleagues and their professional email IDs and then pretend to send an email on behalf of the colleagues whom the victim readily trusts. The email convinces the victim that there is some kind and of emergency and an immediate action is required. The victim tends to give out sensitive information and the attacker captures this information and then uses it to cause damage.
Detect a Phish, be vigilant, stay safe
Companies implement security policies to protect their data assets, to ensure that only legitimate users that is their employees gain access to the rightful data. But what if any of these legitimate system user’s account gets compromised? Hence it is equally essential to ensure vigilance among employees against vulnerabilities, as it is to implement security policies.
At personal level
Protect your passwords
Do not use same password across
multiple accounts Keep changing your passwords frequently
Stop before responding to any communications that arouses the sense of emergency and insist urgent actions
Pay attention to look-alike domains in communications
Be careful with emails having suspicious attachments
Identify impersonated brands or suspicious subdomains in the links
At enterprise level
Phishing attacks are on a quick rise in India as well as all over the world. There are smart ways being used by the phishing attackers, and you must be smart in sensing the problems and protecting your assets against these dangers.
As it is very important in protecting the data of the enterprises, it is equally important in personal level transactions too. Ultimately the companies care for their employee’s wellbeing equally.
So be vigilant, stay safe!