How to Avoid and identify Phishing?

In the recent year there is dramatic increase in the number of phishing scams .
there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Identifying a Phishing Scam:

  1. Beware of emails that demand for an urgent response from your side. Some of the examples are:
  • You may receive an email which appears to have come from your bank or financial organization stating that "your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanent suspension". In most cases, you are requested to follow a link (URL) that takes you to spoofed web page (similar to your bank website) and enter your login details over there.
  • In some cases, phishing emails may ask you to make a phone call. There may be a person or and audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.
  • Phishing emails are generally not personalized. Since they target a large number of online users, they usually use generalized texts like " Dear Customer", "Dear Paypal User" etc. to address you. However, some phishing emails can be an exception to this rule. When you click on the link the links contained in a phshing email, you will most likely be taken to a spoofed web page with official logos and information that looks exactly same as that of the original web pages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling . For example, instead of, a phishing website may use different addresses such as:,, ,

Tips to Avoid Being a Victim of Phishing :

  1. Do not respond to suspicious emails that ask you to give your personal information.If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.
  2. Don't use the links in the email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website.
  3. legitimate website always use a secure connection (https://) on those pages which are intended to gather sensitive data such as passwords, account numbers or credit card details. You will see a lock icon in your browser's address bar which indicates a secure connection. On some websites like which uses an extended validation certificate, the address bar turns GREEN in most cases, unlike a legitimate website, aphishing website or a spoofed web page will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of phishing attack. Always double check the security features of the web page before entering any of your personal information.
  4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.
  5. Report a "phishing attack" or "spoofed emails" to the following groups so as to stop such attacks from spreading all over the Internet: You can directly send an email to - or .

No comments:

Powered by Blogger.