Phishing is a metaphorical term derived from 'fishing', which means catching fish. In fishing, bait is used to lure fish onto a hook. Phishing works the same way: the attacker creates a scenario by sending fake messages, emails, or websites to lure users into becoming victims.
Most people who encounter a message like this would click without much thought, and we regularly receive suspicious emails of this nature. This is a popular form of cybercrime known as a phishing attack. In this article, we'll provide information, tips for detection, and prevention methods against phishing.
What is phishing?🐠
Phishing is one of the most common forms of online deception found today. It takes various forms, often involving tactics to deceive users and pretending to be trustworthy websites. For example, they might mimic a bank's website or a social media account, closely resembling the real site with only minor changes in the URL, making it difficult for us to notice. Hackers often send emails requesting us to log in to our bank accounts or other accounts to verify or confirm information, along with links to fake pages.
Phishing is the most successful form of cybercrime because it achieves the highest deception rates. It uses various channels such as emails, messages, or online platforms to trick us into disclosing personal information, often without us suspecting it.
Methods to detect phishing
- An email that urges immediate action typically includes content that pressures the recipient to act quickly, such as claiming you must click, reply, call, or open an attached file immediately. It may use phrases like "Act now to claim your prize" or "Legal violation, severe penalties" to evoke a sense of urgency and fear of consequences. This urgency tactic is common in phishing to prevent recipients from taking time to think critically or seek advice before responding.
- If you receive an email from someone you don't know, or from an application or external person unrelated to your organization that you're not familiar with, treat it as a sign to be cautious and review it thoroughly, because it might be phishing.
- Incorrect spelling and grammar are another sign. Important emails should generally use correct vocabulary and grammar. If the message contains clear errors in spelling or grammar, that could be a sign of phishing.
- Mismatched email domains are a common indicator of phishing. For instance, if an email claims to be from a reputable company like Microsoft or a bank but is sent from a different email domain such as Gmail.com or microsoftsupport.ru, it may be deceptive. Please also beware of closely misspelled domains, such as micros0ft.com (where "o" is replaced with "0") or rnicrosoft.com (where "m" is replaced with "r" and "n"). These are typical tactics used by scammers.
- If you are suspicious of a link or attached file in an email, or you believe the email is phishing, do not click on it. Instead, use your mouse to hover over the link to preview it without clicking.
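The sender-domain checks from the list above (a mismatched domain, free webmail, and look-alike spellings such as micros0ft.com) can be automated. The following Python is an added example, not part of the original article; the allow-list, the webmail list, the verdict names and the function names are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumption: allow-list of domains each brand really sends from (constructed).
TRUSTED = {"microsoft": {"microsoft.com"}}
# Assumption: free webmail providers a company would not use for official mail.
FREEMAIL = {"gmail.com", "yahoo.com", "hotmail.com"}
# ASCII look-alike swaps: the two from the article plus two common ones.
# Unicode/IDN homoglyphs are not handled here.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]


def sender_domain(from_header):
    """Return the lower-cased domain of a From: header value ('' if none)."""
    address = parseaddr(from_header)[1]
    return address.rpartition("@")[2].lower().rstrip(".")


def skeleton(text):
    """Collapse look-alikes so 'micros0ft' and 'rnicrosoft' match 'microsoft'."""
    for fake, real in CONFUSABLES:
        text = text.replace(fake, real)
    return text


def check_sender(from_header, claimed_brand):
    """Classify the sender domain against the brand the message claims to be."""
    domain = sender_domain(from_header)
    brand = claimed_brand.lower()
    if any(domain == t or domain.endswith("." + t)
           for t in TRUSTED.get(brand, ())):
        return "trusted"
    if domain in FREEMAIL:
        return "freemail"
    if any(skeleton(label) == skeleton(brand) and label != brand
           for label in domain.split(".")):
        return "lookalike"        # e.g. micros0ft.com, rnicrosoft.com
    if skeleton(brand) in skeleton(domain):
        return "brand-in-domain"  # e.g. microsoftsupport.ru
    return "mismatch"


if __name__ == "__main__":
    # Constructed sample headers using the domains mentioned in the article.
    for header in ['"Microsoft Support" <help@micros0ft.com>',
                   "security@rnicrosoft.com",
                   "billing@microsoftsupport.ru",
                   "microsoft.team@gmail.com",
                   "no-reply@mail.microsoft.com"]:
        print(f"{check_sender(header, 'Microsoft'):16} {header}")
```

Any verdict other than "trusted" means the sender domain does not match the organization the message claims to come from and the message deserves a closer look.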
Preventing phishing
1. It's advisable to scrutinize the content, language, and grammar used in emails, whether in English or Thai. Phishing emails often contain spelling errors, improper language usage, or colloquial expressions.
2. Check the sender's email address, as phishing emails often use names that don't match the organization mentioned in the email content, or they use similar-looking names. For example, "[email protected]" (incorrect) instead of "[email protected]"
3. Always pay attention to the URL or address that links are directing you to. When clicking on links in attachments to access official websites of organizations, ensure that the URL always begins with HTTPS.
In addition, cybercriminals also deceive us into fake websites through other methods, such as text messages or phone calls. They send messages to target groups that are susceptible to deception. These messages often prompt us to enter PIN numbers, OTPs, or other personal information. However, when you receive something that you suspect to be phishing, check it carefully, stay alert, and read thoroughly before taking any action. Hopefully, this article will help everyone understand phishing better and apply this knowledge in their daily lives.