BotNet News

Phishing is the unauthorized collection of sensitive information (user IDs, passwords, credit card data) by cybercriminals via malicious attachments or links to fake websites. The websites often mimic the appearance of a well-known organization or individual and prompt victims to fill in personal details. These details are then used to access the victim’s account or to steal their identity.

The effectiveness of phishing varies across Internet user demographics, weapon of influence and life domains. For example, younger compared to older users are more susceptible to the scarcity strategy. Furthermore, older compared to young users are less aware of their susceptibility to phishing.

A typical phishing attack uses messages that appeal to our basic emotions: fear, greed and curiosity. They use a sense of urgency, imposing deadlines and threatening consequences. They also try to make victims feel familiar, for instance by referring to them by name or by using their work email address.

Other warning signs of phishing include emails that don’t have a valid signature, links that do not refer to the organisation the email is supposed to come from, or if they are asking for information that a legitimate site would not. The best thing to do when you suspect a phishing message is to open a new browser tab and visit the organisation’s website directly to check the information. Alternatively, hover the mouse over any link without clicking and verify that the destination address matches. You should also be wary of emails that ask you to download and/or run any attachments.