IT Classroom
Be Smart! Don't be Victims of Phishing Scams 36
  • 友善列印版本

    09/2018

    Phishing scams have evolved over the past few years. By imitating real-life content, phishing emails aim to get access to victims' confidential information or directly encrypt their computers' data for ransom. However, as long as you maintain healthy online habits, phishing scams can be avoided. 

     

    Here are some of the latest trends of phishing scams: 

     

    1)    Access Authorization without Passwords

     

    In the past, phishing emails were linked to fake website, luring victims to enter their usernames and passwords. In the latest approach, hackers now introduce fake applications in the emails, tricking victims to authorize them to access to their Google accounts. This way, hackers no longer need victims' usernames and passwords to obtain their personal data.  

     

    Solution:

     

    • Do not grant unknown developers access to data contained in your Google or other accounts;
    • Check your Google account's permissions and any connected applications through this link. If you find any suspicious or unknown applications with account access, you should remove them immediately.

     

    2) Blind-spot Tricks

     

    Many internet users nowadays have basic knowledge and security awareness, understanding the importance of actively checking the URLs and carefully reading through the content to avoid simple phishing attacks. Therefore, some cyber criminals have evolved their strategies by tailor-making phishing email content for corporate users, adding company logos and adopting corporate website style to gain trust and lure victims to open attachments and click links in the emails. 

     

    Solution:

     

    • Delete emails from unidentified sources as they might contain fraudulent links;
    • Do not respond to or disclose personal information to emails which require immediate action under suspicious circumstances. You should first verify the sender through other channels, such as calling or enquiring in person; 
    • Do not open any URLs or attachments without verifying the entire email, even if you think you recognize the name or email address of the sender; 
    • Instead of clicking a link, type the URL directly into your internet browser to avoid being redirected by hidden strings in the links;
    • Be particularly aware of emails with the following keywords: Important, Payment, Receipt, Transfer, Remittance, Best Price, Gift, Congratulations, Guarantee, etc;  
    • Do not forward or reply to any suspicious emails.

     

    Last but not least, always verify your emails and beware of frauds! 

    Share articles