Imagine this: to update your personal details or change your password, you log on to your bank’s website and sign in to your account, and then comes a shock. Your account has been debited an exorbitant amount, and you initiated no transaction!
How did that happen? Well, you just became a victim of ‘phishing’.
What is ‘phishing’?
Phishing is a type of fraud in which the attacker obtains sensitive information (such as bank login IDs and passwords) from the victim by posing as a reputable entity or person (for example, through a fraudulently created banking website). Typically, the victim receives a message or email which appears to have been sent by a known authority.
For example, you might receive an email which looks exactly like one from your bank, asking you to update your personal details for banking records. Normally, such an email contains either an attachment, which when downloaded collects information from the computer, or a link to a malicious website, which when opened asks for personal details such as login IDs and passwords or credit card details. Once the details are entered, they are received by the attacker, who then uses them for fraudulent purposes such as transferring money to his account.
This is serious business
In 2015, the identities of over a whopping 42.9 crore people were stolen using phishing. This year, there has already been a rise of 21% in phishing attacks. The annual worldwide impact of phishing is estimated to be over a massive Rs. 6,000 crores.
What can you do to be safe?
These phishing mails are so genuine-looking that it is difficult to differentiate them from authentic ones. Such attackers, also called phishers, use social networking and other sources of information to gather background information about the victim’s personal history, their interests and activities. This information is then used to craft an extremely believable email.
However, certain precautionary measures can increase the probability that your online activity will be safe:
- Be suspicious of any email message that asks you to enter or verify personal information, through a website or by replying to the message itself.
- Never reply to such a message or click the links in it. If you think the message may be legitimate, go directly to the company’s website or contact the company to see if you really do need to take the action described in the email message.
- When you recognize a phishing message, delete the email message from your Inbox, and then empty it from the deleted items folder to avoid accidentally accessing the websites it points to.
- Anti-phishing software is also available to counter such attacks.
AS A USER – have you seen this happening to you too? Share your story with us, so together we can ‘beware and be aware’!