As technology develops, digital crimes are also increasingly busy with various modes, including phishing. What is phishing? What are phishing actors looking for, and how to avoid it? Come on, let's discuss more in the article! Keep watching until the end!
What is Phishing?
Phishing is a digital crime to ask (lure) someone to reveal confidential information such as usernames and passwords by sending important fake messages, which can be e-mails, websites, or other electronic communications.
There are three types of data targeted by phishing, namely personal data (name, age, address, telephone number), account data (usernames and passwords), and financial data (credit card or bank account information). Those data can be used directly by criminals to deceive victims or sold to other parties to commit irresponsible acts.
Phishing Types
Two types of phishing are popularly used for crimes in cyberspace, namely:
-
Phishing clones
This type of phishing is most often carried out using electronic mail or e-mail that looks official and contains attachments. The attachment is then used to retrieve data from the victim and then send it again to the place desired by the perpetrator.
Sumber : Merdeka.com
-
Spear phishing
In this type of phishing, the perpetrator generally searches for and recognizes data from the target so that the victim will not suspect that he is being attacked. Therefore, this type of phishing has a higher success rate due to its more specific target. The data usually taken from this type of phishing practice is in the form of passwords, credit card numbers, telephone numbers, and bank account numbers.
Phishing features
You can also learn the following phishing traits to avoid them.
-
Request personal information
Phishing is a manipulative crime because usually, the perpetrator asks the victim to fill in highly confidential personal information such as usernames, passwords, OTP codes, debit/credit card numbers, and CVV/CVC. The perpetrator asks for the victim's personal information by sending a link (link) to click on or a fake file to download.
You must remember that even bank employees cannot ask customers for this data. If you get a message asking for this data, it is better to ignore the message, block the sender's number/account, and report it to the bank.
-
Creates a sense of urgency
Phishing actors will usually ask the victim to make a decision as quickly as possible for various reasons, such as a promo that will end soon so that the victim will lose money if they don't take it, there is a suspicious transaction that must immediately block the card/account, profit opportunities from doing business, and others.
-
Using a fake identity
The third characteristic of phishing is that the perpetrator usually uses a fake identity, such as on behalf of an agency, company, or friend of the potential victim, to make the victim immediately believe the perpetrator's orders to provide sensitive data.
Some time ago, for example, many phishing scams were using APK files via messages on behalf of a logistics company. The perpetrator usually creates a website address identical to the original website to make the victim believe it.
For example, there is a fake website that acts on behalf of Bank MAS by creating a website with an identical name, such as bankmass.co.id, while the original website, bankmas.co.id, only use one "s" at the end of the website address.
For that, you should double-check who sent messages to agencies, companies, or your colleagues who are named.
-
Phishing victim targets are not specific
The last feature of phishing is that usually, the perpetrator does not specifically target certain victims. This is indicated by phishing messages, which generally do not specifically state the victim's name. Perpetrators will use common greetings in their messages, such as "Dear Customers," "Dear Sir," "Dear Customers," and others.
How to Avoid Phishing
After knowing the characteristics of phishing, you can avoid it in several ways.
-
Do not click links or pop-ups and download suspicious files
If you receive a suspicious message asking you to click on a link or links, you should not click on the link. It could be that the link is part of a phishing practice sent by the perpetrator to steal your personal data.
Also, be careful when downloading files sent in messages such as emails, as they can contain viruses/malware that can steal sensitive data. Likewise, if a suspicious pop-up appears, don't click and enter your user ID and password in the pop-up.
-
Unknown phone alert
Phishing practices are not only through suspicious links or messages sent by perpetrators but can also be in the form of telephone calls. So, you must also be vigilant when receiving calls from unfamiliar numbers you don't recognize. If forced and have already received the call, listen to what interests the person calling. If there is a request regarding privacy matters or sending money, you should immediately hang up the phone.
-
Don't share important information
Never share sensitive information such as personal data via a reply to messages such as sms, or chat on social media, email, websites, and telephone if there are suspicious messages or calls on behalf of an agency or company. Remember that an agency or company will not ask customers for sensitive information via SMS, social media, or email.
If you receive a suspicious message or call and act on behalf of Bank MAS, you can contact Bank MAS Call Center at telephone number 021-3000-2500 or via email to customer care@bankmas.co.id
-
Change passwords regularly
The fourth way to avoid phishing is by regularly changing your accounts' passwords on social media and in banking. Changing passwords regularly secure your accounts so they are not easily hijacked by phishing and other crimes.
-
Access websites that use SSL
When you visit a website, make sure the website you are visiting uses has received an SSL (Secure Socket Layer) security certificate as a sign that the website is safe. Websites with SSL usually access the protocol "https://" not "http://."
You can also distinguish it from the padlock image that appears before the URL address.
Source: Shutterstock
-
Install Antivirus
The last way to deal with phishing is that you can install an antivirus on your device to avoid malware. Currently, many antiviruses are available for computers and mobile phones in the Play Store. You can choose to subscribe to a trusted antivirus by looking at the ratings and reviews from other users.
That's a discussion about phishing starting from its meaning, characteristics, and how to avoid it. You can also read other safe transaction tips on the Bank MAS website to prevent different modes of online fraud and keep your digital transactions safe.
Sources: