Pages:
Author

Topic: Some common ways to discover phishing attacks - page 2. (Read 254 times)

sr. member
Activity: 812
Merit: 315
Vave.com - Crypto Casino
Thanks for your advice, if someone takes your advice very seriously and is on watch out for all your five warnings does that makes them completely safe from phishing attacks? No.

Small-time scammers use short URLs to deceive people since they have to click on the link to see what's inside.

Big scammers can use other ways that are almost perfect and could confuse anyone, the most common one is sending emails to your email account, if you are the type that is always curious about the messages you get on your email there is a chance you will fall victim.

Do not open an email if you aren't expecting them, if you open a new exchange today, your verification code will be forwarded to your email asap, that's because you just create a new account on an exchange, so the code is expected.

There are other ways, if your private phone number is visible, scammers can send you bad links to your number, pretending to be from your network tariff or something.
legendary
Activity: 1708
Merit: 1280
Top Crypto Casino
Ive been in the industry of IT and based on my experience this is a common attack in organizations.

Based on your statement which is that website phishing which can be in the form of Spear Phishing they will create a fake website and can be used to get the individual users' credentials until they can access the active directory of the people in the company and after they accumulate enough details they will start now to steal that information. This most likely happens in emails. Eg. Fake Bank account websites.

Once you are active in the social media that you are referring with the crypto for sure most of us are using the exchange the attackers can now pretend with the use of the form of Voice Phishing with the form of Calls that they are pretending they are part of the particular company, organization or platform that your account has some particular activity which needs to get a lock and they need your credentials.
Continous with this form of phishing is Smishing with the use of the SMS attacks like texting you win a BTC and there's a link you need to click just to claim the rewards.



As possible if you have a website filtering you can prevent this attacks or security with your accounts must block or report immediately, having a basic knowledge with this will save you and your funds.

hero member
Activity: 868
Merit: 952

1. Grammar error: This happened as a result of being hurried up to send the message out, they do not even have time to go through what they have written.
This is mostly experienced when a similar website or app is developed. Like the numerous number of online wallets that have duplicates one of the easiest way to detect them is by grammar error just to avoid google play rights. But most of these days scammers have gone past this.

Quote
3. Check the URL: Always be vigilant of any link that requires you to insert your personal information. Ensure to check the URL, because the scammer always uses websites with URLs. After checking the URL and is legit then HTTPS in the URL, if there is S at the end the website is secure for your personal information, but if not included then run away from the site.
This is not all true because even phishing sites can have the S, the only way a phishing site removes The S is when the scammer is copying another site then it creates changes to the url by removing the site to make it look like the original but aside that scammers could just use another method to differentiate the site example is bitcoin-talk.org from Bitcointalk.org

Quote
4. Trust but verify: if a message or email is sent to you either by your friend or someone else, you must check the message thoroughly before clicking on the link. Phishers can do and undo, always scrutinize the email and also the authenticity before taking action.


There is a way to filter ones email from relieving malware or phishing links. This way the scam messages are sent straight to the spam box and this could limit the number of phishing emails received in the inbox
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
1. Grammar error: This happened as a result of being hurried up to send the message out, they do not even have time to go through what they have written.

I would not take this as an important parameter, because phishing sites are most often 100% copies of the original. Also in the case of conversation, it can happen that he is a fraud with a very good knowledge of grammar, so relying on not recognizing grammatical mistakes can be completely wrong.

Quote
2. Copycatting: In this aspect, you have to get familiar with the brand, logo, and poster, of the organisation's website. All mentioned can be manipulated if you didn't recognize them from the website.

Likewise here. Phishing sites are identical to the original with only noticeable changes. How can someone who comes to the site for the first time know whether it is original or phishing based on small "flaws" in the design?
This is ok but for experienced users.

Quote
3. Check the URL: Always be vigilant of any link that requires you to insert your personal information. Ensure to check the URL, because the scammer always uses websites with URLs. After checking the URL and is legit then HTTPS in the URL, if there is S at the end the website is secure for your personal information, but if not included then run away from the site.

This is almost a mandatory check, although that can also be tricky if missing or lacking a specific character or even similar characters are replaced in the domain name.
Also, for easier recognition, certain experience is needed here.
hero member
Activity: 3024
Merit: 745
Top Crypto Casino
3. Check the URL: Always be vigilant of any link that requires you to insert your personal information. Ensure to check the URL, because the scammer always uses websites with URLs. After checking the URL and is legit then HTTPS in the URL, if there is S at the end the website is secure for your personal information, but if not included then run away from the site.
Scammers and hackers often use the shortlinks and that's why if you're unsure what link you've received you better not click it and ignore it completely. There are also a lot of tools that you can find online to check what's the content and real URL from these link shorteners.
And for more tips about checking if a website is safe, Avast[1] has a say on this.

[1] https://www.avast.com/c-website-safety-check-guide
hero member
Activity: 756
Merit: 508
The Alliance Of Bitcointalk Translators - ENG>PID
Phishing is an act of getting people's personal information like usernames, passwords, credit card details and many more through sending fake messages, fake emails and a lot more claiming they are good people and wanted to help.
Phishing assaults are a popular sort of cyber assault in the crypto realm, and they can result in considerable financial losses.

Phishing has become a huge problem within cryptocurrencies and it is getting bigger day by day. Every day new people are getting involved in crypto, while phishers are seriously engaged in scamming newbies in crypto that is why people still see crypto as a way of scamming. I create this post to help everyone, especially newbies to be careful with the type of browser and also any site that involves phishers, and also  some ways to discover phishing attacks in the crypto space.

       Ways to identify phishing attacks
Ways to discover phishing attacks In the crypto space
Identifying phishing attacks is a little bit more difficult because phishers are very intelligent to go extremely higher for the message and the website looks too real and legit.

1. Grammar error: This happened as a result of being hurried up to send the message out, they do not even have time to go through what they have written.

2. Copycatting: In this aspect, you have to get familiar with the brand, logo, and poster, of the organisation's website. All mentioned can be manipulated if you didn't recognize them from the website.

3. Check the URL: Always be vigilant of any link that requires you to insert your personal information. Ensure to check the URL, because the scammer always uses websites with URLs. After checking the URL and is legit then HTTPS in the URL, if there is S at the end the website is secure for your personal information, but if not included then run away from the site.

4. Trust but verify: if a message or email is sent to you either by your friend or someone else, you must check the message thoroughly before clicking on the link. Phishers can do and undo, always scrutinize the email and also the authenticity before taking action.

5. Use a hardware wallet: use a secure wallet that has two-factor authentication, hardware wallet is a device that can see and handle which cryptocurrencies are kept offline. Attackers find it very difficult to access your crypto, private key, using scam websites.


Above mentioned are out of many detectors of phishing attacks, there are many more apart of above mentioned but following these tips can guide you away from phishing attack in the crypto space. Any form of an idea are welcome.
Pages:
Jump to: