In today’s digital reality scammers use all existing methods of social engineering deceiving people in order to induce them to act in order to make users commit phishing, which will turn out to be malicious for them, and profitable for the scammers.
Phishing links can be received via all channels: social networks, personal and work email, messengers, SMS, as well as chats on dating sites and similar resources. Here are some basic examples, according to which a user can distinguish a potentially dangerous link, or recognize a suspicious message, which offers to follow a link or download a file.
Anton Kukanov, deputy head of Roskatchestvo:
“An indication of a suspicious message with a phishing link can be the substitution of letters in the text of the email with characters or letters in a different language, for example, “d0br day”. Scammers also manipulate the credulity of users when they send messages with no explanations, as if the message is a continuation of a conversation that did not actually take place. For example, “Hello, here is the promised link.
Experts also recommend that official emails lacking additional contacts, such as full name, title, phone number, and postal address, be treated with caution.
Roskatchestvo Digital Expertise Center lists the main signs of phishing emails:
– You received a link in the form of numbers. Example: http://178.248.232.27
– The link contains two or more addresses. Example: rd.php?go=p>
– At the beginning of the site address has a “www”, but there is no dot or a dash. Example: wwwbank or www-bank
– When in the link the letters are changed to numbers “o” to “0” or capital letters are changed to capital letters or similar letters are changed to letters similar in spelling b to d, etc. .d. . Example: 0nIine.dank instead of online.bank
– The link is not clickable, but it contains spoofed characters. In this case, the attacker hopes that you will copy the link and paste it into the address bar.
Experts assure if the link starts with “p>
Yuri Drugach, CEO of StopPhish:
“Last year 48% of Americans encountered scammers. By the end of 2021, we expect this figure to grow, because technical blocking of fraud has not been implemented globally in the country, and criminals use several types of scaling their activities. This material describes only fraudulent links, only in relation to the phone and computer. But even knowing these basic rules, as practice shows, reduces the chance of fraudsters succeeding by 20-30 times
A universal rule: check the link not only before you click on it, but when you have already clicked on the site. The site you are taken to may be different from what was written earlier in the link.
Test your knowledge of how to recognize phishing links on the Roskatchestvo portal
Could you please share some expert tips or strategies that can help the readers confidently identify and avoid phishing sites?
One key strategy to confidently identify and avoid phishing sites is to carefully examine the URL. Look for any misspellings or extra numbers or characters in the website address, as phishing sites often use slight variations of legitimate websites to trick users. Additionally, check for the presence of a secure connection by looking for “https://” at the beginning of the URL, as legitimate sites use encryption to protect your personal information. Be cautious of unsolicited emails or messages asking for personal information, and never click on links or download attachments from unfamiliar sources. It’s also important to keep your operating system, browser, and security software up to date to protect against known security vulnerabilities. Finally, trust your instincts – if something seems suspicious or too good to be true, it’s best to err on the side of caution and avoid the site altogether.
One key strategy to confidently identify and avoid phishing sites is to carefully examine the URL. Look for any misspellings or extra numbers or characters in the website address, as phishing sites often use slight variations of legitimate websites to trick users. Additionally, check for the presence of a secure connection by looking for “https://” at the beginning of the URL, as legitimate sites use encryption to protect your personal information. Be cautious of unsolicited emails or messages asking for personal information, and never click on links or download attachments from unfamiliar sources. It’s also important to keep your operating system, browser, and security software up to date to protect against known security vulnerabilities. Finally, trust your instincts – if something seems suspicious or too good to be true, it’s best to err on the side of caution and avoid the site altogether.
How can we effectively distinguish a legitimate website from a phishing site to protect ourselves from cyber threats?
Can you provide some practical tips or techniques for identifying phishing sites?
How can one ensure they have the necessary knowledge and skills to effectively identify and avoid falling victim to a phishing site?