Last Saturday, I received an email from my online banking provider and I instantly worried because it says that my account was being used to purchase a laptop worth P30,000 somewhere in Quezon City. It includes an option to cancel the order through a button, which I thankfully did not click on. While I was panicking, I immediately checked the email address of the email sender, and upon seeing that something is not right, I checked older emails from the online banking account.
Lo and behold, I found out that the email address used is different from the usual email being sent to me by my online banking account, and thank heavens for the presence of mind for not falling prey to this malicious intent. When I showed the email to my husband who is a computer engineer, he said that this was an example of phishing.
In January 2019, I already wrote about phishing when my sister received a notification from the bank where she has a savings account advising her to update her personal information to proceed with an alleged canceled purchase of a mobile phone in the US. Having returned from her vacation trip, she thought it was a credible email, thus making her encode the username and password of her online mobile banking account. Having realized that this was a bogus email, she was forced to report the incident to the bank and found out that it was indeed an email scam.
According to phishing.org, phishing is “a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.”
The information gathered from unsuspicious and innocent victims is then used to access important accounts and can result in identity theft and financial loss. Phishing experts have successfully made a lucrative business out of luring people using the internet and technology.
To help people become more aware of this cybercrime and prevent them to become helpless victims, here are some common features of phishing, according to phishing.org.
If your guts tell you it’s such a great deal that it seems to be too good to be true, then 90 percent chance it’s a scam waiting for you. These people use lucrative offers and eye-catching marketing techniques that will instantly make you excited that you can’t seem to resist the email. Text messages and emails from suspicious senders saying you won an instant prize are indeed phishing techniques.
If you receive an urgent notice saying that your account will be canceled if you don’t update your information, then you might have to verify the origin of the message to know if it’s legitimate or not. You should also be cautious in clicking the links embedded in the message as these websites are intended to instantly get passwords and other information.
Suspicious attachments especially those that you don’t expect to receive are somewhat also risky to be opened. Whenever visiting a website or if you were redirected to another page, then you must carefully check the domain name if it’s correct or not.
If you receive a message or email from someone you do not know, they might as well just directly move to the trash folder.
At the same time, you can always prevent phishing and other cyber scams by being extra vigilant in all your online accounts and transactions. One of the easiest things to do is to use spam filters in your web browsers and always check if the site you are visiting is secured or not at the uppermost left portion of the screen.
According to phishing.org, “many websites require users to enter login information while the user image is displayed. This type of system may be open to security attacks.” This is why using the same password for all your accounts is not advisable, and it is also recommended to think of a unique code not related to your personal details such as your birthdate or the name of your kids.
You should also be wary of emails sent that appear to be credible enough for you to enter your personal information. As an important note to remember, phishing.org says that “a bank will not ask for personal information via email or suspend your account if you do not update your personal details within a certain period of time. Most banks and financial institutions also usually provide an account number or other personal details within the email, which ensures it’s coming from a reliable source.”
To sum it up, strict prevention is necessary for us to prevent phishing and other cyber threats from happening. As the cliché says, we must always “think before we click.”