In the first quarter of 2021, 611877 unique phishing sites were detected in the USA. And their number continues to increase. Using confidential information obtained through phishing sites, their creators implement various fraudulent schemes, the result of which is the same for the user – the loss of access to their mail accounts, social media accounts, or theft of money from a bank acccunt.
Today we will talk about phishing sites masquerading as sites of banking or credit organizations, we will tell you about the main fraud schemes and the rules, following which you can keep your data and money safe.
What is a phishing site?
A phishing site is a site created by fraudsters with the purpose of obtaining confidential information of users – SSN, phone numbers, bank account data, access to e-mail and social networks. Phishing sites look like an exact replica of a real organization’s site. Being confident that they have a real site in front of them, users enter their data and become victims of scammers.
The most common phishing scams
Email letter with a link to the site
Most often, a user is brought to a phishing site by an email on behalf of a real organization. An email letter looks like a request to clarify information about the user. In return, they can offer a profitable loan, bonuses or the transfer of the client to the VIP category. By clicking on the link in the email letter, the unsuspecting user enters his or her username and password from the account, card number, pin code or CVV code. Using this data, scammers withdraw money from the account or pay for purchases in online stores. It is difficult to find scammers, and refunding money is usually completely unrealistic.
Email letter with an attached file
Another common scheme is also associated with emails. In this case, a letter with an attached file is sent on behalf of the bank or credit institution. In the accompanying text, they write that you need to download new terms of service from the site or an agreement that needs to be renegotiated.
Along with the file, a spyware virus is downloaded to the computer, which collects information and sends it to the attacker: data for accessing Internet services and social networks, email addresses, contact lists.
Such viruses can connect to the keyboard and intercept information entered by the user on various sites. As a result of such a hack, the user may suffer more. True, this method is more complicated and less common.
Downloading malicious software to your computer
In this case, phishing sites are used to plant a blocker virus on the victim’s computer. Everything happens in the same way as in the case of spyware: an email letter from an official organization, a request to download a file with a contract, terms of service or new software. But in this case, a blocker virus is installed on the victim’s computer instead of spyware.
The malicious program encrypts all information on the hard drive, and to unblock it, you need to send a certain amount to the specified account, after which the victim will receive a message with a lock code. Some of these viruses are treated by going to the nearest computer service, while some can really completely block all information. At the slightest attempt to restore it, it is completely deleted. But even sending money to scammers does not guarantee that the user will get their data back.
How to protect yourself from phishing attacks
To protect yourself from losing money and data, you should adhere to the basic security rules:
When using devices and networks
Use only the device that belongs to you. Do not use computers in Internet cafes and devices of random acquaintances to transfer important information. Even if you urgently need to transfer or receive money, do it only from your device. Even if the smartphone, laptop or tablet that you are going to use belongs to your close friend, you cannot be sure that the device is not infected.
Do not provide your details or make transactions if you are connected to an unsecured Wi-Fi hotspot. Public hotspots without protection and passwords in parks, cafes and other public places are the most “fishy” place for an attacker. By connecting to such a network, a fraudster can gain access to all information that users transmit over an unsecured connection.
Always check for updates for your operating system. Some viruses downloaded from phishing sites exploit operating system vulnerabilities to gain access to your data. Software manufacturers regularly release updates to address these vulnerabilities. By disabling automatic updates, you deprive yourself of the opportunity to close such “holes” and become a potential victim of hackers.
Keep the antivirus you use up to date. Do not disable automatic updates for your antivirus and always install updates if the program prompts you to do so. Each update contains information about new viruses – threat signatures. Without this data, the antivirus will not recognize the malware and your data will be at risk.
Safety tips for visiting a website
Check for a secure HTTPS connection
There should be a symbol in the form of a green padlock and the inscription “reliable” before the line of the site address in the browser. All financial institutions only use a secure connection. Using a regular, unsecured connection, you risk transmitting data directly to attackers.
Pay attention to the domain name of the site. The site of a US bank or financial company can only be hosted on the .com domain. Since there are restrictions and special requirements for registering a .com domain, violation of which entails criminal liability, attackers simply cannot register a fake site in this domain zone.
Always check the spelling of the website address. To create phishing resources, cybercriminals use domain names that slightly differ from the real ones. An extra letter can be omitted or added in the name, some letters can be replaced with numbers. This is done to keep the domain name as similar as possible to the real one. At the slightest suspicion, leave the dangerous resource and go to the address of the organization found using a search engine.
Connect 3-D Secure Code for your bank card. 3-D Secure Code is a special security system designed specifically for payment card holders. The purpose of the system is to protect the user from online fraud by confirming each operation with a code that is sent to the mobile phone number linked to the card in an SMS message. Usually all banks include 3-D Secure Code by default, but if you suddenly have this option disabled, be sure to activate it.
Do not download files from emails, even if the letter came from a bank or credit institution. You need to make sure that the sender is who he or she claims to be. Carefully check the sender’s name, the address of the mail from which the letter was sent. An employee of an official organization will never send a letter from a free mail server or from a domain that differs from the one on which the organization’s main site is located.
What to do if you suspect that you are a victim of a scammer
It seems to you that the site you are visiting is not real. Immediately close the tab with the suspicious site and call the organization on behalf of which the attacker may be speaking.
You entered data on a suspicious site. Change passwords for e-mail, bank account, contact the bank by phone and follow the advice of the bank officer.
You downloaded a file from a letter or from a suspicious site. Disconnect your device from the internet. After receiving confirmation that the organization has not sent you any letters, contact the specialists. They will scan your device for viruses and remove the dangerous program.