How to Detect Phishing Mails and Websites

Not long ago, phishing websites and mails looked quite unprofessional, they were peppered with spelling mistakes and had a distrustful design. Nowadays the digital fraudsters act much smarter, it is hard to distinguish lies from the truth. We recommend to have a close look whenever someone asks for your data.

Concerning e-mails, pay attention to the following features:

  • Impersonal form of address:The sender of the e-mail does not know your correct name. The mail begins with “Dear costumer” instead of “Dear Mrs. / Mr. XY”. Perhaps you name is inserted, but misspelled.
  • The sender is using threads:The sender threatens you, e.g. “if you don’trefresh your password you account will be locked”.
  • Request for confidential data:You are straightforwardly asked for confidential data like your PIN / password, your online bank access or your credit card number.The whole thing is backed up with a threat.
  • Links und forms:The e-mail contains forms and links which you are obliged to use if you do not want to receive any disadvantages.
  • Bad language:Sometimes, not always, the messages are written in bad English, sometimes interspersed with Cyrillic letters or special character like $ or &.

Be vigilant even with well-worded texts! If in doubt, always check with the alleged sender, for example you house bank or Amazon. Go to the original website to contact the real customer service, don’t use any links or e-mail-addresses you find in the mail.

If the e-mail in question was written in HTML format, regularly another e-mail-address is hidden behind the official sender. There is an easy way to find out whether this is the case: If you manage your e-mails with a browser, have a closer look at the source text. If you work with a common e-mail program, simply move the cursor over the sender, but don’t click on it. Instantly you can see whether someone embedded another address in the sender line.

This is how you expose phishing websites:

If you are searching for a new provider, e.g., a trustworthy online casino, use reputable comparison portals. Vegasslotsonline.com is a platform that considers itself as big library of properly licensed digital venues. There you have an instant access to more than 7780 free online slots without leaving any data or invest real money. The slots are 24/7 available, a download is not needed. Playing is possible from anywhere in the world. If you want to, you can also choose real money casinos and be sure that your data is in good hands there.

A secure website always has the https:// in the address field of the browser. The abbreviation indicates that the provider has acquired an SSL-certificate, but don’t be too sure if you find the https. Many phishing fraudsters nowadays also buy a certificate, so there is not reason to give an all-clear. There is no way around other safety precautions, for example carefully examining every link on suspicious websites or in the social networks. If the name of a well-known institutions contains numbers are characters that are usually not included – like www.amazon8x.com – you should not click the link.

If your bank or online-shop asks you to enter your name, address and bank account again, although it should be well known to this provider, don’t do it. Be even more suspicious if you are asked for a TAN without having triggered a transaction.

How dangerous are phishing attacks?

Cybercrime is no cavalier offence. This kind of fraud causes enormous economic damage in every country of the world. The victims not only lose money, but also a lot of trust. In addition, hackers often put malware into circulation via phishing, this is how the damage adds up. Every careless click may infect your smartphone or pc, so it is absolutely important to equip your device with a well-working virus scanner. You surely don’t want to have a trojan, a bot or ransomware on your computer, but you have a good chance to collect many of them if you are not always on the guard.

dangerous are phishing attacks

We recommend to follow the rules you have just read and inform yourself furthermore about cyber attacks and internet security. Only well-informed people are equipped enough to withstand all these nasty attacks.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...