GT Explains: What is Phishing and How to Avoid Falling for Such Emails

Ashish Mundhra

Diving right into the topic: phishing is the act of sending emails that claim to come from a legitimate firm when, behind the scenes, they are a scam that someone is running to grab your confidential personal information. The email generally contains a link that looks very similar to the legitimate link of the same enterprise.

The page it leads to will also look the same, with all the elements matching the original page. Most of the time, these emails require you to log in to the fake web page using your login credentials. But because the page, the link and the email are all fake, you would be handing over your passwords to the scammer on a platter.

Click on this link (UPDATE: This file is not available anymore) and have a look. You would see an authentic-looking Facebook login page asking for your login ID and password. But when you look at the URL, you will find that it's not even closely related to Facebook. Please note that this page was hosted by me on Dropbox for educational purposes alone.


The details requested on these fake pages can range from just an email address and password to bank account information and credit card numbers. Since all it takes is one careless action to fall into the trap, the victims of phishing are increasing exponentially every day.

Fighting Phishing

The key to fighting phishing is to be alert all the time. The major reason people fall into these traps is that they don't pay attention to the URL of the page. Moreover, no bank or other established firm will ever send you an email asking you to provide your credit card details or change your login password unless you initiated the request.

If you do receive an email that requires you to provide such details, always take a second look at the URL of the page and cross-check it with the official URL of the establishment. If the page is not on the same domain or one of its sub-domains, never give your details. We've already covered a detailed article on ways to identify suspicious links.
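The domain cross-check described above can be written down precisely. The following is an added example, not code from the original article; the function names and the sample links are constructed for illustration, and it assumes you already know the organization's official domain (here `facebook.com`).

```python
from urllib.parse import urlsplit

def link_host(url):
    """Return the hostname a browser would contact, or None if unusable."""
    # Browsers read "\" as "/", so "https://a.example\@b.example" goes to
    # a.example while urlsplit would report b.example. Refuse such links.
    if "\\" in url:
        return None
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    # .hostname is lower-cased and excludes any "user@" prefix and ":port".
    return parts.hostname.rstrip(".")

def is_official(url, official_domain):
    """True only for the official domain itself or one of its sub-domains."""
    host = link_host(url)
    official = official_domain.lower().rstrip(".")
    if host is None:
        return False
    # Require a dot boundary so "notfacebook.com" does not pass as a match.
    return host == official or host.endswith("." + official)

# Constructed sample links (not taken from the article).
SAMPLES = [
    "https://www.facebook.com/login",                     # sub-domain
    "https://m.facebook.com:443/",                        # sub-domain with port
    "https://facebook.com.account-check.example/login",   # brand used as a prefix
    "https://notfacebook.com/login",                      # look-alike suffix
    "https://facebook.com@login.example/",                # brand in the user part
    "https://login.example\\@facebook.com/",              # backslash confusion
    "http://dl.fileshare.example/u/123/facebook.com/login.html",  # brand in path
]

def triage(links, official_domain="facebook.com"):
    """Pair every link with the verdict of the domain check."""
    return [(link, is_official(link, official_domain)) for link in links]

if __name__ == "__main__":
    for link, ok in triage(SAMPLES):
        print("OK     " if ok else "REJECT ", link)
```

Only the first two links pass. In every other case the official name appears somewhere in the link, but not as the domain the browser actually connects to.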

Moreover, many antivirus tools install browser extensions to fight phishing. These extensions collect data from different sources and build a list of confirmed phishing websites so they can warn you when you land on one of them. These tools can be a great help, but they still don't provide 100% security.

How Can I Contribute

Many email services have been fighting phishing for years now and you can be a part of that as well. All you need to do is report the phishing email to the system so that they can include it in their database and fight phishing better.


For example, in Gmail you can report an email as phishing by clicking the arrow button near the reply button and selecting the option from the drop-down menu.

Conclusion

Before I conclude, all I want to say is that before you provide your personal information in reply to an email or on a web page linked from an email, just check with the organization over the phone and confirm that the mail is legit. A direct phone call is always a better option.

Top Image Credits: iStockphoto | Microsoft Partner
