Protecting yourself from harmful threats online like phishing website is a constant battle in this day and age. Security researchers and media outlets have a nearly never-ending list of topics and incidents to cover that acknowledges that we’re not safe online.
In 2016 Q4 alone, phishing attacks have increased by a staggering 500%, claimed by a report by proofpoint.
GreatHorn’s 2017 Spear Phishing Report revealed that 91% of cooperate related phishing attacks are display name spoofs, adding that on average they receive one dangerous message per day. It is expected to be inclined in upcoming years. But with few tricks one can identify phishing websites. Here are the top tips to follow while browsing suspicious website:
Check the URL
You can look for a padlock symbol in the address bar to verify that the URL begins with ” https:/” or ‘ http:/. The only difference is that “https:/” means that the web address has been encrypted and protected with an SSL certificate.
You should also give attention to:
– The base domain of the website
– The full URL of the website
– The website registration details (web site owner & date registered)
Analyse Website Content
– The site will look little offset
– Spelling Mistakes
– Low resolution images
In an official website feel is very standard, sites is made with details in mind on the other side phishing website will miss some of the factors. This gives a big red flag that it is a phishing website.
Contact Us Page
Short Case Study
Below is a snapshot of a phishing page targeting Metrobank of philippines. It’s received by their customers for updating their password. If looked carefully the following things can be seen clearly:
- Page is hosted on http and not https.
- URL seems legit.
- Page looks a little offset.
When analyzed further:
- It had no home page,no contact information page.
- This was the only page hosted on the domain.
- The links on the phishing page are disabled.
These types are cases are very much common and it is tough to tackle this problem without a proper strategic plan. Use TIKAJ’s Anti-Phishing services to intercept and minimize phishing problem in your environment.