How to Identify and Avoid Phishing Scams

Identify Phishing ScamPhishing is a form of social engineering technique used by hackers to gather sensitive information such as usernames, passwords and credit card details by posing as a trustworthy person or organization. Since most online users are unaware of the techniques used in carrying out a phishing attack, they often fall victim and hence, phishing can be very effective.

With the dramatic increase in the number of phishing scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Phishing scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter their personal information. Here are some of the tips to identify various phishing techniques and stay away from it:

Identifying a Phishing Scam:

  1. Beware of emails that demand for an urgent response from your side. Some of the examples are:

    • You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanent suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed web page (similar to your bank website) and enter your login details over there.

    • In some cases, phishing emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.

  2. Phishing emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails can be an exception to this rule.

  3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed web page with official logos and information that looks exactly same as that of the original web pages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there.

    Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:

    • papyal.com
    • paypal.org
    • verify-paypal.com
    • xyz.com/paypal/verify-account/

Tips to Avoid Being a Victim of Phishing:

  1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.

  2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.

  3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as passwords, account numbers or credit card details. You will see a lock icon Picture of the Lock icon in your browser’s address bar which indicates a secure connection. On some websites like paypal.com which uses an extended validation certificate, the address bar turns GREEN as shown below.

    HTTPS Address Bar

    In most cases, unlike a legitimate website, a phishing website or a spoofed web page will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of phishing attack. Always double-check the security features of the web page before entering any of your personal information.

  4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.

  5. Report a “phishing attack” or “spoofed emails” to the following groups so as to stop such attacks from spreading all over the Internet:

    You can directly send an email to reportphishing@antiphishing.org or spam@uce.gov reporting an attack. You can also notify the Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov.

I hope the information presented in this article will help you detect and avoid various phishing scams that are waiting to rip off innocent Internet users. If you’ve anything to say, please pass your comments.

15 Comments

  1. Shadab
    May 21, 2011 at 2:19 PM

    Great Information….. Really Like it……….


  2. siva_phd9
    May 27, 2011 at 6:28 PM

    Really a Great information.Thanks a lot


  3. Suraj
    July 24, 2011 at 9:27 PM

    thanx for the post it was really nice


  4. mangesh
    July 24, 2011 at 9:31 PM

    I got it now and i will be away from this phishing scams thanks for the information it was good stuff.


  5. Abbadon Czernobog
    August 9, 2011 at 7:34 AM

    i’ve been reading all your posts for so long…
    i have gained bunch of knowledge, thanks, keep it up!!


  6. Abbadon Czernobog
    August 9, 2011 at 7:38 AM

    your good!!!


  7. Viv3k
    December 12, 2011 at 7:04 PM

    Nice this is hot trick


  8. Online Movies Database
    January 24, 2012 at 3:42 PM

    You are really helping all of us… I can`t remember how many emails i have receivedwith fake paypal links or pages…but never really looked at the things you are posting here…

    Thank you very much,


  9. shaan
    April 8, 2012 at 9:34 PM

    Hi Srikanth..thanks for this post..you have a great knowledge about computers and thanks a lot for sharing your knowledge..your post will always help me in improving my computer knowledge..please do continue posting..


  10. Davinder sran
    February 28, 2013 at 4:15 PM

    very nice


  11. Sreejith
    March 8, 2013 at 10:56 PM

    Thanks for the information! It is helpful.


  12. aryan110
    April 30, 2013 at 1:02 AM

    I like this site. its quite interesting. can you write an article on IP address hiding like how its done, how does the new IP bypass the ISP or firewall, dynamically how the IP address keep changing or jump one server to another something like that? any idea or information is appreciated.


  13. ali
    July 7, 2013 at 12:19 PM

    thanks, it really helpful


  14. mobile games
    March 30, 2014 at 12:31 PM

    Hi there! I’m at work browsing your blog from my new iphone 3gs!
    Just wanted to say I love reading your blog and look forward to all your posts!

    Carry on the outstanding work!


  15. zanyarrazaq
    July 9, 2014 at 8:14 AM

    Hi there! I’m at work browsing your blog from my new iphone 3gs!
    Just wanted to say I love reading your blog and look forward to all your posts!


Leave A Reply