Topic: How to avoid getting phished (Read 125 times)

legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
Today at 04:34:03 AM
#14
Where should you start to avoid phishing?

1st of all, with separating your work and entertainment areas. That is, all your financial data should be in a separate work environment. In the form of a separate work PC or laptop, or a virtual environment (virtual OS) that will be used only for work purposes.
Separating different things on different devices and emails is a very good practice for reduction of attack risks, including phishing attacks. I agree with you that separating non-financial and financial stuff on different devices is a good preventive method.

Like two years ago, a senior Bitcoin developer, Lukedashj, was hacked and massive bitcoin were stolen from his compromised computer. The main cause is that Luke installed an application on his computer.
Bitcoin Core dev says his bitcoin is basically all gone after hack.

Quote
Also, don't forget to separate your work email address(es) and not share this data everywhere (in the public domain) on the Internet to avoid this address getting into phishing attack lists. No phishing address - no phishing.
Emails need to be separated similarly, for finance and non-finance. Because with money related, if it is stolen, it is assuredly gone. Especially with Bitcoin, transactions are irreversible.
legendary
Activity: 1792
Merit: 1296
Playbet.io - Crypto Casino and Sportsbook
Today at 01:39:54 AM
#13
Where should you start to avoid phishing?

1st of all, with separating your work and entertainment areas. That is, all your financial data should be in a separate work environment. In the form of a separate work PC or laptop, or a virtual environment (virtual OS) that will be used only for work purposes.

Also, don't forget to separate your work email address(es) and not share this data everywhere (in the public domain) on the Internet to avoid this address getting into phishing attack lists. No phishing address - no phishing.
legendary
Activity: 2716
Merit: 1225
Once a man, twice a child!
December 21, 2024, 06:46:54 PM
#12
3.3.2. MODIFIED URLs

Always check if there is a misspelling in the URL or if the URL is a modified variation of a legitimate service.
For example in case of binance.com legitimate URLs would be:
  • support.binance.com
  • binance.com/support
  • binance.com
This part will go well for those who already know the URLs. What about those trying to search it on their own without an idea on what domain the services they're seeking are? It's kind of hard.

In cryptocurrency, to avoid phishing sites, the very first important step is don't use Google for searching. This search engine can display phishing sites on top of search results and it's terrible if you rely on it.
Well, this isn't to disprove you but I need to put this out here. I got to this place through a simple search on Google, wanting to satisfy my curiosity after I heard of Bitcoin for the first time late 2016. The search on Google took me to Coinmarketcap and from there to its socials. A click on that took me to BTT as one of the places where I could get answers to whatever questions were puzzles to me. Then I knew next to nothing about phishing sites or what to look out for.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
December 21, 2024, 06:36:20 PM
#11
Why is your post incomplete? I thought you would at least list some ways for newbies or people to avoid getting trapped by phishing emails.

Anyway, I will give my two cents about the subject because I have faced this in the past, and I know what an effective way of saving yourself from phishing emails is and not getting tricked easily.

Whenever you receive a promotional email or something, make sure that you always check the sender of the email. An email coming from an official source will have an email that you can find from the details of the email you have received. The place where the details can be found can differ based on the email provider you are using, but it's not that difficult to find it. In Gmail, it's under the name of the sender, besides the profile picture placeholder.

Once you look at the details, you will understand that the email is not from an official source but it is a trap.
I definitely leave the email alone if I am not expecting any email, but if I am, then what I would do is check the sender first before clicking any link. I also agree with examplens about adding clipboard malware, as it is kind of the same as phishing since it won't be the address you copied when pasted. Anyway, hovering your cursor over the link to see where it goes doesn't work for someone who is using a mobile device. What I do to know what website it could be is I tap the link, copy the URL, paste it and see what it is (I only need to paste it and not enter it, just to be safe).
legendary
Activity: 2268
Merit: 1655
To the Moon
December 21, 2024, 05:51:37 PM
#10
Always hover your mouse over the link/button contained in e-mail and check where it leads to.
You need to carefully analyze whole URL to be sure if the link is malicious or not.

The methods listed by OP to avoid phishing are good, but do not forget that attackers can change the DNS server data and thus you will find yourself on a phishing site by clicking on the link. The only way to avoid this is to timely read updates from the team on the official account.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
December 21, 2024, 01:36:32 PM
#9
GOOD PRACTICE

While I do like your tutorial and you touch pretty good the most important points, I feel that it's missing something:

1. Don't keep in hot wallets and online accounts more money than you can afford to lose.
2. Keep the coins that matter in such a way that even if a hacker gets into your computer or your online accounts, you'll still not lose much (i.e. keep as much as possible offline: cold storage, hardware wallet...)

That's because:
* mistakes do happen
* your computer or phone may not be as safe as you think
legendary
Activity: 3416
Merit: 1225
Enjoy 500% bonus + 70 FS
December 21, 2024, 09:39:51 AM
#8

5. Some phishing scenarios

  • You get e-mail that your account on exchange was hacked, you need to click link in e-mail to update your information and provide username and password
  • You receive e-mail that service you are using is having regular update and you need to update your information by clicking link provided
  • E-mail states that due to suspicious activity your account was suspended and you have to verify your account by clicking link and fill in information to regain access

They always use the words need, must have, and should, and every word available to compel you to click the link. This is the first sign, and verify it by checking the URL of the domain. Always bookmark the real site and check if you have the bookmarked logo when visiting a legit site.
Phishing is done by cloning a site, so you should know the correct url of the site. You can't be wrong if you are on details on the URL of the sites you are visiting.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
December 21, 2024, 06:09:34 AM
#7
Well, honestly, a simple mistake can haunt you forever. Thanks OP, this is also a good note to newbies to be aware and observant of all keywords and sites that they are clicking, because it might be real when we first look at it but in the end it's a phishing site that masquerades as a very subtle fake site with such variable change.

Sometimes with our naked eye we can see how it is but we should always triple check what we clicked.
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
December 21, 2024, 04:59:15 AM
#6
Although such warnings seem minor, it seems that it is never superfluous to mention them again.

OP, maybe you could add clipboard malware as a potential source of phishing. In that case, even if you wrote an address by hand, you transfer something completely different using the copy/paste method.
sr. member
Activity: 630
Merit: 277
December 21, 2024, 02:07:11 AM
#5
Thanks OP for the effort you have put in this post to save a lot of people from phishing scams. For newbies who may be finding it difficult to identify emails that may lead to phishing sites, they can enable email filters on their devices. I use this on my email account and it has made identifying unwanted, promotional and scam emails very easy for me. This method may not be 100% effective but once an email is sorted into the spam folder, I just sense there might be an error in that email which will help me be more careful.

Just like OP has said, if you are in doubt, type the email address manually and avoid sending sensitive information about yourself to people you don't know, including strange links. Think safety always.
sr. member
Activity: 602
Merit: 387
Rollbit is for you. Take $RLB token!
December 20, 2024, 10:09:15 PM
#4
In cryptocurrency, to avoid phishing sites, the very first important step is don't use Google for searching. This search engine can display phishing sites on top of search results and it's terrible if you rely on it.

Let's start with big market cap websites when you need to search for something.
coinmarketcap.com
https://coingecko.com/
https://cryptorank.io/

There are more market cap websites in this industry but with the above big ones, you can search almost everything you need and it helps you avoid phishing sites.

[GUIDE] Use this for identifying Scam/Phishing Websites & Exchanges in Crypto
[Tutorial] How To Report Phishing Email & Create Auto Delete Filter - Gmail User
Tool For Catch Phishing
sr. member
Activity: 1491
Merit: 320
🐪
December 20, 2024, 08:09:54 PM
#3
Why is your post incomplete? I thought you would at least list some ways for newbies or people to avoid getting trapped by phishing emails.
~

I accidentally clicked post instead of preview :( Now it is completed.
sr. member
Activity: 1260
Merit: 358
December 20, 2024, 07:12:42 PM
#2
Why is your post incomplete? I thought you would at least list some ways for newbies or people to avoid getting trapped by phishing emails.

Anyway, I will give my two cents about the subject because I have faced this in the past, and I know what an effective way of saving yourself from phishing emails is and not getting tricked easily.

Whenever you receive a promotional email or something, make sure that you always check the sender of the email. An email coming from an official source will have an email that you can find from the details of the email you have received. The place where the details can be found can differ based on the email provider you are using, but it's not that difficult to find it. In Gmail, it's under the name of the sender, besides the profile picture placeholder.

Once you look at the details, you will understand that the email is not from an official source but it is a trap.
sr. member
Activity: 1491
Merit: 320
🐪
December 20, 2024, 06:58:48 PM
#1
1. INTRODUCTION

I noticed an increase in phishing attacks in the last few months, probably because of the bull run, so I decided to write this short manual, mostly for new inexperienced users, so they learn:
  • what to expect,
  • how to recognize,
  • how to react to phishing e-mail.


2. ABOUT PHISHING E-MAILS

Phishing e-mails are usually constructed in such a way that they seem to come from a legitimate source (e.g. exchange, casino, government agency etc.)

The goal of phishing e-mail is to:
  • steal your funds,
  • harvest your personal information,
  • gain access to your credentials,
  • install malware

To avoid getting phished it is a good habit to always analyze e-mails, especially when dealing with sensitive information.

3. WHAT TO LOOK FOR  

The most important things to check when analyzing e-mails are:
  • "FROM:" field
  • Content
  • Links

3.1 "FROM:" FIELD

It is important that you are familiar with the structure of an e-mail address.
For example, in the e-mail address support@binance.com the elements are:
  • support - username
  • @ - @ sign
  • binance.com - domain name


We need to focus on the domain name and see if there is a variation of the usual domain name.
For example, if the domain is binance-xyz.com, there is a big red flag that the e-mail is a phishing mail.

3.2 CONTENT

The content is usually constructed in such a way as to evoke emotions and to get you to act in haste without thinking.
There will also be pressure to react to the e-mail as soon as possible.
The attackers count on your lack of concentration, that you will be in distress, distracted and react in panic.
Almost always there will be a link or button provided that you will have to click to solve the problem.
DO NOT CLICK LINK/BUTTON BEFORE YOU ANALYZE IT AND SEE IF IT COMES FROM LEGITIMATE SOURCE!

Some clues that show that you are probably dealing with a phishing e-mail:
  • grammar mistakes
  • logos are in low resolution/they look like pasted screenshots
  • the e-mail addresses you by different name
  • content of e-mail creates sense of urgency to react

3.3 LINKS

Always hover your mouse over the link/button contained in e-mail and check where it leads to.
You need to carefully analyze whole URL to be sure if the link is malicious or not.

3.3.1. URL shorteners

Be extra careful if the e-mail contains shortened URLs. A URL shortener is a service that shortens web addresses and makes them more compact. It can also be used to hide malicious links because you cannot see which website it leads to.
A legitimate service (exchange, casino, government agency...) would never use a URL shortener in their e-mail.
Some examples of URL shorteners are web addresses that have these domains:
  • t.co
  • goo.gl
  • bit.ly
  • tinyurl.com

3.3.2. MODIFIED URLs

Always check if there is a misspelling in the URL or if the URL is a modified variation of a legitimate service.
For example in case of binance.com legitimate URLs would be:
  • support.binance.com
  • binance.com/support
  • binance.com

Examples of malware variations of binance.com:
  • binance.hhjf.com - domain name is hhjf.com
  • binances.com
  • binance.cash
  • hhjf.com/binance
  • blnance.com - "i" is replaced with small letter "L"
  • binance-service.com
  • support-binance.com

3.3.3. GOOD PRACTICE

It is good practice to avoid clicking links provided in e-mail and instead access the website through a bookmark or write the address manually in the address bar.
That way you are greatly reducing the risk of accessing a malware website through links.

4. PHISHING WEBSITE

If you accessed the website by a link/button provided in e-mail, always be sure NEVER to disclose the following information:
  • passwords
  • private keys - No legitimate service will ever ask you for private keys!
  • private information that could be used to steal your identity (name, address, ID card photos, ID card number etc.)
  • credit card numbers
  • etc.
Be aware that attackers can make exact copy of the legitimate website, so checking URL is only way to know if the website is legitimate. But even URL can be faked, so the best way to know you are visiting legitimate website is to use bookmarks or writing address manually!


5. Some phishing scenarios

  • You get e-mail that your account on exchange was hacked, you need to click link in e-mail to update your information and provide username and password
  • You receive e-mail that service you are using is having regular update and you need to update your information by clicking link provided
  • E-mail states that due to suspicious activity your account was suspended and you have to verify your account by clicking link and fill in information to regain access
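
Added example (not part of the original post): the checks from sections 3.1, 3.3.1 and 3.3.2 written as a small Python classifier for a link or a "FROM:" address. The function names, the `TRUSTED` allowlist and the "last two labels" shortcut for the registrable domain are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Assumption: the reader's own allowlist of bookmarked services.
TRUSTED = {"binance.com"}
# Shortener domains listed in section 3.3.1 of the post.
SHORTENERS = {"t.co", "goo.gl", "bit.ly", "tinyurl.com"}

def host_of(value):
    """Return the host of a URL, a bare 'host/path', or an e-mail address."""
    value = value.strip().lower()
    if "://" not in value and "@" in value:      # e-mail address
        return value.rsplit("@", 1)[1]
    if "://" not in value:                        # bare host/path
        value = "//" + value
    return (urlsplit(value).hostname or "").rstrip(".")

def registrable(host):
    # Simplification: last two labels. A real tool should use the
    # Public Suffix List so that names like example.co.uk work.
    return ".".join(host.split(".")[-2:])

def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value):
    """Classify a link or sender as trusted/shortener/lookalike/unknown."""
    domain = registrable(host_of(value))
    if domain in TRUSTED:
        return "trusted"
    if domain in SHORTENERS:
        return "shortener"
    for trusted in TRUSTED:
        brand = trusted.split(".")[0]
        # Brand name anywhere (subdomain, hyphenated name, other TLD, path)
        # or a near-miss spelling of it in the registrable domain.
        if brand in value.lower() or edit_distance(domain.split(".")[0], brand) <= 1:
            return "lookalike"
    return "unknown"
```

A "lookalike" or "shortener" result means the address should not be followed from the e-mail; "unknown" only means the domain is not on the allowlist, not that it is safe.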