
Phishing

09-09-2021

These days, we spend many hours online - working, shopping, reading news and blogs, using online banking, handling formalities, and the like. That is why it is important to know how to act safely and protect yourself against fraud. Especially for you, we have prepared an article to explain “phishing,” a popular and frequently used type of attack, and discuss why it is so effective.

Phishing is a form of attack in which scammers impersonate another person or institution to persuade the victim to perform specific actions. The purpose of phishing scams can be to acquire our personal data, payment card information, or the information needed to sign in to various websites. Phishing can also be used by scammers to infect our computer with malware.

Phishing is an extremely popular form of attack because it is highly effective and requires little technical knowledge to execute. Unfortunately, many internet users still do not recognize fraudulent messages and do not apply basic precautions when using the internet (e.g. they click on links of unknown origin, or fail to check which website they are entering their credentials on). As a result, scammers have an easy task and derive great benefits from their attacks.

How does phishing work?

Phishing attacks are based on manipulation techniques known as social engineering. These techniques try to exploit human weaknesses such as vanity, greed, curiosity or fear, and they help scammers persuade victims to carry out the actions the scammers have planned.

How does it work in practice? Here are some examples.

An email message allegedly from a bank stating that your account has been blocked

No one would like to lose access to their money and be left without any resources for a day or even a few days. Fear motivates us to act quickly and distorts our assessment of the situation. That is why we click on the link and move to a fake bank login page, we enter our customer number and password, and we give scammers access to our bank account.

Email message allegedly from the Tax Office

An email message from the Tax Office, the prosecutor’s office or a bailiff always causes some discomfort, creating a sense of urgency and a feeling that the matter should not be ignored, so nobody will put off reading it and everyone will deal with the matter as soon as possible. Having read the message quickly, we promptly open the attachment to see what it contains. Such attachments usually contain malware, which will be more than happy to install itself on our computer and cause damage.

Courier and problems with delivery

Shopping online is standard today, so a text message from a courier company will not surprise anyone, especially when we are expecting a delivery. And if we are not, perhaps someone wanted to send us a gift, or a partner or child ordered something without our knowledge. Well, a symbolic “1 zloty” surcharge is required, and it would be a pity if the package did not arrive because we did not pay. Without hesitation or much thinking, we open the link in the message, go to a fake payment panel, and hand our internet banking credentials to the attackers.

How to recognize phishing?

Phishing attacks may be well or poorly prepared. Some of them can be identified quite easily, while others will require more knowledge. In this article, we present several simple ways to defend yourself against phishing scams.

  1. Address of the message sender

After receiving a message, it is always a good idea to look at the sender’s email address. If a message allegedly sent from a bank or tax office comes from the domain of a commercial email operator (e.g. @gmail.com, @yahoo.com, @gmx.com, @hotmail.com), this is the first indication that the message may be coming from scammers. A similar situation occurs if a message from one of the above-mentioned institutions has been sent from an address in a third-party domain (e.g. if an email from a bank has been sent from the domain @donut.bakery.com). It is also worth noting that the domain from which the email has been sent may be quite similar to the real domain (e.g. rnbank.pl instead of mbank.pl).

Also note that even if the sender’s email address is correct, it does not mean that the message really comes from them. Unfortunately, email technology has weaknesses that allow the sender to be impersonated.

In fact, the “From:” field can be set to anything by the author of the message, just like the message text. Any of us can send an email with any address in the sender field. To counter this, mechanisms such as SPF and DKIM have been developed that let the receiving server verify whether a message was really sent on behalf of that domain.

  2. Email text

If the text of the email we have received lacks Polish characters or contains spelling or grammar errors, this may indicate a phishing email. The same applies if the text reads like the output of machine translation.

  3. Links and attachments

Before clicking on a link or opening an attachment, it is a good idea to take a closer look at it. For links, remember that the hyperlink text we see in the email, e.g. supergieldacrypto.pl (here we provide an address in the form of a website which redirects to BB), does not always lead to the website it shows. The same applies to buttons such as “sign in” or “go to bank page”. Instead of clicking such buttons, it is better to open a new browser tab and go to the website directly.

As for attachments, pay attention to their extensions. The file “faktura.exe” is not a PDF file, even if it has the icon normally associated with PDF files. We should also be wary of any zipped attachments, especially if they are protected with a password included in the email body. On the one hand, this prevents the archive contents from being scanned by the email server’s security processes, and on the other hand, it makes the recipient even more curious about the contents of the archive - after all, nobody secures worthless information that way. If an email contains a .doc file that asks you to enable “macros” after it is opened, this should also be a red flag indicating a possible attempt to infect your computer.
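As an added illustration (not part of the original article), the following Python script applies the sender-domain checks from point 1 and the link check from point 3 to a constructed message: it flags a free-mail sender domain, a look-alike domain such as rnbank.pl imitating mbank.pl (after folding confusable letter pairs, with at most one further edit), and an HTML link whose visible text shows a different host than its real target. The free-mail list, the brand list and the homoglyph table are assumptions made for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed lists for this example (not from the article): free-mail domains named
# above, a brand domain to protect, and letter pairs that look alike on screen.
FREEMAIL = {"gmail.com", "yahoo.com", "gmx.com", "hotmail.com"}
BRANDS = {"mbank.pl"}
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

# Constructed sample in the style of the "account blocked" lure described above.
SAMPLE = """From: "mBank" <kontakt@rnbank.pl>

<p>Zaloguj sie: <a href="http://login.rnbank.pl/auth">https://www.mbank.pl</a></p>
"""

def edit_distance(a, b):  # plain Levenshtein distance
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def normalise(domain):  # fold look-alike pairs so rnbank.pl reads as mbank.pl
    for fake, real in HOMOGLYPHS:
        domain = domain.replace(fake, real)
    return domain

def host_of(url):  # hostname of a URL or bare domain, lower-cased
    m = re.match(r"(?:https?://)?([^/\s]+)", url.strip())
    return m.group(1).lower() if m else ""

def analyse(raw):  # red flags from the sender domain and the HTML links
    msg = message_from_string(raw)
    findings = []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain in FREEMAIL:
        findings.append(f"sender uses free-mail domain {domain}")
    for brand in BRANDS:  # look-alike: at most one edit after homoglyph folding
        if domain != brand and edit_distance(normalise(domain), brand) <= 1:
            findings.append(f"sender domain {domain} imitates {brand}")
    for href, text in LINK_RE.findall(msg.get_payload()):
        shown, real = host_of(re.sub(r"<[^>]+>", "", text)), host_of(href)
        if "." in shown and shown != real:  # visible URL differs from target
            findings.append(f"link shows {shown} but points to {real}")
    return findings
```

Running analyse(SAMPLE) reports both the imitated sender domain and the mismatched link; a message from the genuine domain with a plain-text link label yields no findings.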

Remember to always be alert and careful. Do not open every attachment or link in every message. Before doing so, always consider whether you were expecting this message and whether you should be receiving it at all. If a message comes from a bank, an office or any authority and you have any doubts, it is best to call them at the telephone number provided on their official website.

Want to check if you can recognize whether a message is a scam? You can participate in a quiz specially designed by Google: https://phishingquiz.withgoogle.com/