Pages:
Author

Topic: How to avoid geting phished - page 2. (Read 197 times)

sr. member
Activity: 1491
Merit: 320
🐪
December 20, 2024, 08:09:54 PM
#3
Why is your post incomplete? I thought you would at least list some ways for newbies or people to avoid getting trapped by phishing emails.
~

I accidently clicked post instead of preview Sad Now it is completed.
sr. member
Activity: 1260
Merit: 358
December 20, 2024, 07:12:42 PM
#2
Why is your post incomplete? I thought you would at least list some ways for newbies or people to avoid getting trapped by phishing emails.

Anyway, I will give my two cents about the subject because I have faced this in the past, and I know what an effective way of saving yourself from phishing emails is and not getting tricked easily.

Whenever you receive a promotional email or something, make sure that you always check the sender of the email. An email coming from an official source will have an email that you can find from the details of the email you have received. The place where the details can be found can differ based on the email provider you are using, but it's not that difficult to find it. In Gmail, it's under the name of the sender, besides the profile picture placeholder.

Once you look at the details, you will understand that the email is not from an official source but it is a trap.
sr. member
Activity: 1491
Merit: 320
🐪
December 20, 2024, 06:58:48 PM
#1
1. INTRODUCTION

I noticed increase of phishing attacks in last few months, probably because of bull run, so I decided to write this short manual mostly for new unexperienced users so they learn:
  • what to expect,
  • how to recognize,
  • how to react to phishing e-mail.


2. ABOUT PHISHIG E-MAILS

Phishing e-mails are usually constructed in such way that they seem to come from legitimate source ( eg. exchange, casino, government agency etc.)

The goal of phishing e-mail is to:
  • steal your funds,
  • harvest your personal information,
  • gain access to your credentials,
  • install malware

To avoid getting phished it is a good habit to always analyze e-mails, especially when dealing with sensitive information.

3. WHAT TO LOOK FOR  

The most important things to check when analyzing e-mails are:
  • "FROM:" field
  • Content
  • Links

3.1 "FROM:" FIELD

It is important that you are familiar with structure of e-mail address.
For example in e-mail address support@binance.com elements are:
  • support - username
  • @ - @ sign
  • binance.com - domain name


We need to focus on domain name and see if there is variation of usual domain name.
For example if domain is binance-xyz.com there is big red flag that e-mail is phishing mail.

3.2 CONTENT

The content is usually constructed in such way to evoke emotions and to get you to act in haste without thinking.
There will also be pressure to react to e-mail as soon as possible.
The attackers count on your lack of concentration, that you will be in distress, distracted and react in panic.
Almost always there will be provided link or button that you will have to click to solve the problem.
DO NOT CLICK LINK/BUTTON BEFORE YOU ANALYZE IT AND SEE IF TI COMES FROM LEGITIMATE SOURCE!

Some clues that show that you are probably dealing with phisihing e-mail:
  • grammar mistakes
  • logos are in low resolution/they look like pasted screenshots
  • the e-mail adresses you by different name
  • content of e-mail creates sense of urgency to react

3.3 LINKS

Always hover your mouse over the link/button contained in e-mail and check where it leads to.
You need to carefully analyze whole URL to be sure if the link is malicious or not.

3.3.1. URL shorteners

Be extra careful if e-mail contains shortened URL-s. URL shortener is service that shortenes web addresses and makes them more compact. It can also be used to hide malicious links because you can not see which website it leads to.
Legitimate service (exchange, casino, government agency...) would never use URL shortener in their e-mail.
Some examples of URL shorteners are web addresses that have domain these domains:
  • t.co
  • goo.gl
  • bit.ly
  • tinyurl.com

3.3.2. MODIFIED URLs

Always check if there is misspell in URL or the URL is modified variation of legitimate service.
For example in case of binance.com legitimate URLs would be:
  • support.binance.com
  • binance.com/support
  • binance.com

Examples of malware variations of binance.com:
  • binance.hhjf.com - domain name is hhjf.com
  • binances.com
  • binance.cash
  • hhjf.com/binance
  • blnance.com - "i" is replaced with small letter "L"
  • binance-service.com
  • support-binance.com

3.3.3. GOOD PRACTICE

It is good practice to avoid clicking links provided in e-mail and instead access the website trough bookmark or write address manually in address bar.
That way you are greatly reducing risk of accessing malware website trough links.

4. PHISHING WEBSITE

If you accessed website by link/button provided in e-mail always be sure NEVER to disclose following information:
  • passwords
  • private keys - No legitimate service will ever ask you for private keys!
  • private information that could be used to steal your identity (name, address, ID card photos, ID card number etc.
  • credit card numbers
  • etc.
Be aware that attackers can make exact copy of the legitimate website, so checking URL is only way to know if the website is legitimate. But even URL can be faked, so the best way to know you are visiting legitimate website is to use bookmarks or writing address manually!


5. Some phishing scenarios

  • You get e-mail that your account on exchange was hacked, you need to click link in e-mail to update your information and provide username and password
  • You recieve e-mail that service you are using is having regular update and you need to update your informaton by clicking link provided
  • E-mail states that due to suspicious activity your account was suspended and you have to verify your account by clicking link and fill in in information to regain access
Pages:
Jump to: