Phishing is a type of deception technique designed to steal your valuable information, such as credit card numbers, passwords, account credentials, and other personal information.
The mass phishing attack involves sending millions of fraudulent e-mail messages that appear to have come from trusted websites, like bank or credit card company, and request the users to provide personal information.
Also read: how to hack gmail account password?
What does a phishing scam look like?
As scam artists become more sophisticated, so do their phishing e-mail messages and delivery techniques.
They often include official-looking logos from real organizations and other identifying information taken directly from legitimate web sites.
The 2-factor authentication, which acts as a second layer of security after the password, usually helps in case you accidentally give out your login credentials to hackers via phishing attacks. However, hackers have become so tactful that they have now begun to bypass the 2-factor auth using phishing attack itself.
Phishing Scams in Plain English
How to Detect Phishing Attack?
Here are the common phrases or text found in the phishing email:
“Verify your account.”
Businesses should not ask you to send passwords, login credentials, Social Security numbers, or other personal information through e-mail.
If you receive an e-mail from Microsoft asking you to update your credit card information, do not respond. Instead, send a separate email to the Microsoft support team to verify the email they sent. To learn more, read Fraudulent e-mail that requests credit card information sent to Microsoft customers.
“If you don’t respond within 48 hours, your account will be closed.”
These messages convey a sense of urgency so that you’ll respond immediately without thinking. Phishing e-mail might even claim that your response is required because your account might have been compromised.
“Dear Valued Customer.”
Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.
“Click the link below to gain access to your account.”
HTML-formatted messages can contain links or forms that you can fill out just as you’d fill out a form on a Web site.
The links that you are urged to click may contain all or part of a real company’s name and are usually “masked,” meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.
Notice in the following example that resting the mouse pointer on the link reveals the real web address, as shown in the box with the yellow background.
The string of cryptic numbers looks nothing like the company’s web address, which is a suspicious sign.
Example of masked URL address
Phishers use URLs that resemble the name of a well-known company but are slightly altered by adding, omitting, or transposing letters.
For example, the URL “www.microsoft.com” could appear instead as: