Definition of Phishing

Antivirus software and firewalls help prevent phishing.

Phishing is a term used in computing to refer to a crime that is carried out by impersonating a user's identity. Through this fraudulent action, a criminal obtains confidential data that he exploits for his benefit.

Phishing can result in the criminal accessing bank account or credit card numbers, for example. With this data in his possession, the criminal is in a position to steal money from the accounts or use those funds to make purchases without the legitimate owner of the resources noticing.

Development of phishing

Many times this type of cybercrime is carried out through an email that appears to come from a trusted source (a company, a government office, a close friend of the victim, etc.), when in reality it is a fake message. These emails usually contain a link to a site where the recipient, deceived, enters their personal information and unknowingly provides it to the criminal.

Another possibility is that the individual reaches fake websites through another means, such as an instant messaging communication or even a search engine. On the surface, the site with the misleading URL appears to belong to a company or government agency, but it is nothing more than a front for data theft.

Phishing is generally carried out using a trusted name and even a trusted image (such as a company logo), and the sender field carries the real details of the person being impersonated (the name of an employee, or an Internet address that is too similar to the original, for example). As a result, it is very difficult to detect this type of attack with the naked eye. However, there are certain details that give them away in most cases.
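Two of those details can be checked mechanically: a sender address that is too similar to a real one, and a link whose visible text names one site while it points to another. The following is an added example, not part of the original article; the `TRUSTED` list, the helper names and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains the recipient really deals with (constructed placeholders).
TRUSTED = {"examplebank.com", "example.org"}
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def is_trusted(domain):
    return domain in TRUSTED or any(domain.endswith("." + t) for t in TRUSTED)

def edit_distance(a, b):  # Levenshtein distance, one row at a time
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain, max_dist=2):  # trusted domain being imitated, or None
    domain = domain.lower().rstrip(".")
    if is_trusted(domain):
        return None  # the real domain or one of its subdomains
    folded = domain.translate(str.maketrans("0135", "oles"))  # undo digit-for-letter swaps
    for t in TRUSTED:
        if min(edit_distance(domain, t), edit_distance(folded, t)) <= max_dist:
            return t
    return None

def review(raw):
    msg, findings = message_from_string(raw), []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if lookalike_of(sender_domain):
        findings.append(f"sender domain {sender_domain} imitates {lookalike_of(sender_domain)}")
    for href, text in LINK.findall(msg.get_payload()):
        host = (urlsplit(href).hostname or "").lower()
        shown = re.search(r"[\w-]+(?:\.[\w-]+)+", text.lower())  # domain in the visible text
        if lookalike_of(host):
            findings.append(f"link host {host} imitates {lookalike_of(host)}")
        elif shown and is_trusted(shown.group()) and not is_trusted(host):
            findings.append(f"link text shows {shown.group()} but points to {host}")
    return findings

SAMPLE = (  # constructed message, not a real phishing email
    'From: "Example Bank" <alerts@examp1ebank.com>\nContent-Type: text/html\n\n'
    '<a href="http://examplebank.com.login-check.example/x">www.examplebank.com</a>\n'
)
```

Calling `review(SAMPLE)` returns one finding for the sender domain and one for the link; a message whose sender and links use the trusted domains returns an empty list.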

A large-scale phishing attack has multiple simultaneous victims.

The malware

Malware is a concept that comes from the English expression malicious software (that is, malicious computer program). This type of software performs functions that the user is unaware of, being designed to steal data or cause other types of damage.

It is common for malware to be associated with a computer virus. In any case, there are malicious programs with different purposes. Worms, for example, spread to attack a network, generally consuming bandwidth.

Spyware, on the other hand, is installed without the user noticing. It is usually used to extract confidential data from the computer or phone in question.

Trojans are also a type of malware. They are presented as harmless programs that, once executed, allow an attacker to gain remote access to the affected device and engage in phishing.

A keylogger is another resource used in cyber attacks. It records the keys that are pressed, which can provide access to credit card information or a password.

Ransomware (which makes it possible to hijack information through file encryption) and adware (advertising software that, in its harmful version, collects personal information) are also among the tools that can be used for computer crimes, including ones beyond phishing.

Taking care of the security of the operating system is key to data protection.

How to avoid phishing

To avoid this cybercrime, we must take into account various details every time we decide to read an email message or click on a link. The first thing we can mention is that companies do not request personal information via email, especially banks or those entities in which our money is at stake. That's why we should never respond to messages that we haven't specifically requested or click on their links.

In what cases could we request a message with a link? For example, when we want to recover or change our password: the normal thing is to receive a link that directs us to a form where we can enter a new password. Something similar happens when we register on a site that requires confirmation of our email address. But apart from these two situations and some very exceptional similar ones, we should distrust any message that forces us to interact with its elements.

Another recommended practice to avoid phishing and take care of cybersecurity is to be wary of attachments that reach us without our asking for them or without the sender having told us that they would be sent. If a coworker tells us that we will receive a scanned document via email during the day, we should not be suspicious; but if we receive a message of this type spontaneously, without prior notice, the best thing we can do is contact the sender and ask them to confirm that they really sent it to us. Of course, we should not use the "reply" function, but rather write a new and independent message, or use another messaging program.

Those who have been victims of phishing know that, sometimes, criminals try to appeal to our sensitivity by using sad stories or promising us rewards if we follow their instructions. They may also try to make us believe that our safety is in danger.