BotNet News

Phishing is the attempt to trick unsuspecting individuals into sharing personal information such as account logins, passwords or credit card information with cybercriminals. Attackers can then use this information to commit identity theft, steal sensitive data or launch a denial of service (DoS) attack against the target organization.

Attackers can launch phishing attacks using different mediums including email, social media, instant messaging and telephone calls. The most effective countermeasures are user-based awareness training and security tools.

Emails and text messages can look unprofessional, have poor grammar or include links that have odd-looking URLs. Regardless of the quality, phishing emails and texts are often crafted with a sense of urgency to lure victims into providing their information. Often the malicious attacker will try to establish trust by making the email or call sound like it comes from an established business or family member.

It is important to keep in mind that no reputable company will ever ask you to provide your information via email or text message. If you receive a suspicious request, contact the organization directly via a phone number provided on their website. It is also a good practice to visit websites by typing the website address in the browser instead of clicking a link that is in an email.

Additionally, if you are unsure whether an email or text is legitimate, hovering your mouse over the link can reveal its true destination. A phishing link will usually say something like “click here” or “click here to view” but will actually direct you to the attackers spoof site.