{"id":12983,"date":"2018-08-02T06:00:01","date_gmt":"2018-08-02T14:00:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/08\/02\/news-6750\/"},"modified":"2018-08-02T06:00:01","modified_gmt":"2018-08-02T14:00:01","slug":"news-6750","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/08\/02\/news-6750\/","title":{"rendered":"Phishing, Part 2: Staying Safe"},"content":{"rendered":"<p><strong>Credit to Author: Brook Stein, Product Management Director| Date: Thu, 02 Aug 2018 13:00:35 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-300x200.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-300x200.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-768x512.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-640x426.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-440x293.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-380x253.jpg 380w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800.jpg 800w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>As mentioned in <strong><em>Phishing Part 1: On the Lookout<\/em><\/strong>, phishing attacks have been around for years, but today\u2019s cybercriminals are adept at using them in an ever-increasing variety of ways to get what they want. According to the most recent <a href=\"https:\/\/pdf.ic3.gov\/2017_IC3Report.pdf\">FBI figures<\/a>, phishing and its variants was the third most popular cybercrime type in 2017, representing nearly $30m in victim losses.<\/p>\n<p>The bad guys want your personal information to commit ID theft, or else they need you to click on a malicious link\/open a malware-laden attachment to hijack your bank account, lock your PC with ransomware, bombard your screen with ads and more.\u00a0 So how do you fight back?<\/p>\n<p>The answer lies with a combination of technology and user awareness. There are tools you can use to filter a great volume of phishing attempts, but a few will always sneak through, and it only takes one misplaced click to land yourself in trouble. That\u2019s why the frontline in the war on phishing messages ultimately lies with improved user awareness.<\/p>\n<p><strong>Don\u2019t get caught out<\/strong><\/p>\n<p>So, what should users look out for? As we\u2019ve seen, phishing messages come in a variety of flavors, but here\u2019s <a href=\"https:\/\/www.trendmicro.com\/en_us\/forHome\/news-center\/article\/The-Anatomy-of-a-Scam-Fake-IRS-Messages.html\">a typical email scam<\/a> Trend Micro has highlighted in its News Center, in this case purporting to come from the IRS:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-541738\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/blog-1.jpg\" alt=\"\" width=\"566\" height=\"476\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/blog-1.jpg 728w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/blog-1-300x252.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/blog-1-640x538.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/blog-1-440x370.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/blog-1-380x319.jpg 380w\" sizes=\"auto, (max-width: 566px) 100vw, 566px\" \/><\/p>\n<p>Tell-tale signs of a scam:<\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li><strong>From field:<\/strong> is the \u2018sender\u2019s\u2019 email address familiar? Does it look made up? Is it consistent with the purported sender of the email? Does it appear different if you hover over it with your cursor? All of these could indicate a phishing attempt.\u00a0<strong style=\"font-family: inherit;font-size: inherit\">To field:<\/strong><span style=\"font-family: inherit;font-size: inherit\"> If the sender addresses you generically as \u2018user\u2019 or \u2018customer\u2019 or \u2018recipients,\u2019 in this case, this should be a warning sign.<\/span><\/li>\n<li><strong>Date and time:<\/strong> Was it sent at an unusual time; that is, not during normal \u2018business\u2019 hours?<\/li>\n<li><strong>Subject line:<\/strong> Phishing emails often try to create a sense of urgency to hurry you into making a rash decision. Words like \u201curgent,\u201d \u201cimmediate\u201d and \u201cimportant\u201d are not uncommon.<\/li>\n<li><strong>Body:<\/strong> The content of the message often contains spelling and grammatical mistakes and continues with the sense of urgency to get you to click without thinking.<\/li>\n<li><strong>Link\/attachment:<\/strong> Phishing emails will try to trick you into clicking on one of these, as with \u2018Update Now,\u2019 either to begin a covert malware download or to take you to a legitimate-looking phishing site to fill-in your details.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>How do I stay safe?<\/strong><\/p>\n<p>Bearing the above in mind, here are a few things you can do to avoid being scammed:<\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>Learn to recognize all the tell-tale signs of a phishing message. Avoid clicking on any links or opening attachments from unsolicited emails.<\/li>\n<li>If you need to double-check, contact the company that supposedly \u2018sent\u2019 you the email to see if it\u2019s genuine or not, or go directly to the website (e.g., online banking) to log-in. Again, do not use the links provided to go there.<\/li>\n<li>Your default attitude when you\u2019re online should be \u201csuspicious.\u201d<\/li>\n<li>To learn more about phishing, you can also go to <a href=\"https:\/\/www.phishing.org\/\">org<\/a>. The site provides a wealth of more information on the types of phishing you may encounter, what you can do to prevent being taken-in, and includes further resources for study.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>What anti-phishing tools can you use?<\/strong><\/p>\n<p>As mentioned, security technology is also your friend when it comes to fighting the phishers. Here are some options:<\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>Trend Micro\u2019s <a href=\"https:\/\/fraudbuster.trendmicro.com\/\">Fraud Buster<\/a> is a free tool that you can use to submit suspicious emails and text messages for us to check. Using advanced machine learning systems and Trend Micro\u2019s extensive database, Fraud Buster gives definitive ratings to questionable messages.<\/li>\n<li><a href=\"https:\/\/www.trendmicro.com\/en_us\/forHome\/products\/maximum-security.html\">Trend Micro Security<\/a> and <a href=\"https:\/\/www.trendmicro.com\/en_us\/forHome\/products\/mobile-security.html\">Mobile Security<\/a> help to protect users from phishing attacks. They offer protection against spam emails, malicious links and files, ransomware, banking Trojans, coin-mining malware, and much more \u2014 all the kinds of threats associated with phishing. In a four-part series previously posted here on Simply Security, we\u2019ve also provided more information on how to <a href=\"https:\/\/blog.trendmicro.com\/part-1-how-to-prevent-phishing-customize-your-settings-in-trend-micro-security\/\">customize your settings<\/a> for enhanced phishing protection in Trend Micro Security.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>We\u2019re all exposed to phishing attacks on a near daily basis, whether at work, out and about, or at home. But armed with an understanding of what to look out for and the right tools in place, you can keep your data under lock and key, and your identity and finances safe from harm.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/phishing-part-2-staying-safe\/\">Phishing, Part 2: Staying Safe<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/phishing-part-2-staying-safe\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Brook Stein, Product Management Director| Date: Thu, 02 Aug 2018 13:00:35 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-300x200.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-300x200.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-768x512.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-640x426.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-440x293.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800-380x253.jpg 380w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/07\/20180416022714729-432-YfBpAzJ-800.jpg 800w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>As mentioned in Phishing Part 1: On the Lookout, phishing attacks have been around for years, but today\u2019s cybercriminals are adept at using them in an ever-increasing variety of ways to get what they want. According to the most recent FBI figures, phishing and its variants was the third most popular cybercrime type in 2017,&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/phishing-part-2-staying-safe\/\">Phishing, Part 2: Staying Safe<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10789,19105,19106,15719,3924,19107,714,3925],"class_list":["post-12983","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-consumer","tag-frauds","tag-hoaxing","tag-malicious-spam","tag-phishing","tag-phishing-protection","tag-security","tag-spoofing"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12983","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12983"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12983\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12983"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}