Phishing attacks have been around for decades, but they are becoming more and more credible, making users feel increasingly confused about whether they are looking at a legitimate message or website or if they have a scam in front of their eyes, which they can click on. a malicious link.
This issue is not trivial, and a moment of distraction could expose your personal and financial data to cybercriminals, which can have severe consequences.
Signs that a message or website is phishing
- How much does a hacker earn?
- Free antivirus Windows 10
- Best SME antivirus
- Lost call prefix +22
Before addressing the actions to take after clicking on a phishing link, it is important that you first know how to identify one of these scams. Therefore, below we leave you the unequivocal symptoms of these digital frauds:
Suspicious URLs
Phishing web addresses often have small variations from authentic URLs . For example, “amaz0n.com” instead of “amazon.com.” However, although large companies try to take over as many similar domains as they can to avoid these scams, it is obvious that they cannot cover everything.
On the other hand, you may have been able to tell the 0 from the o in the example above, but cybercriminals use slightly better tactics to create fake URLs. To do this, they usually make use of so-called homographic characters , which are those that belong to another alphabet but have a very similar appearance to letters from the Latin alphabet.
Generally, these characters tend to come from the Cyrillic alphabet . Some examples of these characters are various Latin vowels, such as a, e and o. Could you differentiate ebay.com from ebay.com? The first of them is the fake link.
You may now think that you will never be able to recognize something like that, and you are absolutely right. Therefore, we recommend that if you want to go to a specific website, you type it yourself in the address bar.
Grammatical and spelling errors
If cybercriminals are foreigners, they may have errors that are unthinkable in an official communication, such as misspellings, typos, poorly ordered words or first words that do not begin with a capital letter.
This symptom is more obvious and, therefore, easier to detect, although we should not lower our guard to see a well-written text , since cybercriminals can be native to our country or be foreigners but use AI translators to give a more natural tone to the text.
Urgent information requests
This symptom is typical of these messages. Whether it is a false fine, an undelivered package that does not exist or a financial penalty from the bank that has never occurred, what is behind all cases is urgency , making the user understand that if they do not click on the link there will be negative consequences for them. he.
Although some official entities may truthfully request data from users, the best way to find out without clicking the link is to write the URL of the organization in question in our address bar, log in and see if what the message says is really true. what is notified to us in our account. If necessary, a call can be made to confirm.
Unusual email addresses
As in the case of web addresses, cybercriminals try to make users believe that they are receiving emails from official entities, and to do so they use various tactics.
One of the most frequent strategies is the use of similar characters , as we saw previously. An example could be using “[email protected]” instead of “[email protected].”
Another common tactic is to add prefixes or suffixes to the email address , such as “secure”, “verify”, “help” or “service”, which try to give a false sense of security and authenticity.
Suspicious attachments
It is not uncommon to see emails in which, in addition to a malicious link, there is a malicious attachment. They usually look like legitimate documents, such as invoices, receipts, order forms, reports, etc.
However, by opening these files, users can inadvertently install malware on their devices , allowing attackers control over the system and its data.
What to do if you clicked but did not give your information
Now that you know the main signs of a phishing message, let’s look at the first case, in which you click on the phishing link, but fail to provide your personal or banking information.
The first thing you should do is close your browser as soon as possible to avoid any malicious activity that is running on the attackers’ website.
Then, run a scan with your trusted antivirus , and if you don’t know which one to choose, we recently talked about the best antivirus for Windows today.
On the other hand, change the passwords of your most relevant accounts that could be compromised after entering the website, especially if you use the same password on multiple websites.
On the negative side, not entering your data to send it to cybercriminals is a relief, although that does not mean that you are still at risk. Therefore, we recommend that you follow the previous steps.
What to do if you clicked and gave your details
If you have unfortunately given your personal or financial information to a phishing site, take these steps quickly:
- Contact your bank if you gave your card or bank account information so that they can take the appropriate measures and you do not see your account emptied or starting to have unknown transactions.
- As in the previous case, change the passwords of all your accounts and change them to strong and unique passwords for each account.
- We also recommend that you contact the authorities to see possible additional measures, such as filing a complaint or avoiding identity theft.
- Finally, and if you wish, you can contact the legitimate company that has been impersonated so that it can notify its users of the fraud, and thus prevent others from falling.
With these tips and data you should have a good idea of what to do if you click on a phishing link , or directly how to avoid them to avoid greater evils.