Attention is the number one line of defense in protecting against phishing: Read Part 1 of the Anti-Phishing Strategy.
You should pay particular attention to:
· Check the Sender's Email Address. http://sparkasse-frankfurt.de@241.128.219.013 does not lead to the Sparkasse, but to a fraud site hidden behind the IP address after the @. In a URL, everything before the @ is only a user-name field; the browser connects to the host that follows it.
· Checking Links and Redirects. Emails with redirects and links that lead to other pages and look unusual alongside the other factors should be viewed with caution and deleted immediately without opening. If you hover the mouse over the link, the destination URL will, for example, show relatively quickly that this cannot be a legitimate e-mail. Also check whether the target page is HTTPS-secured and the certificate is correct.
· Be Careful with Email Attachments! Attachments are one of the most skillful strategies and traps used by phishing scammers. Attachments with supposedly serious content such as “new terms and conditions”, “your invoice” or “last reminders” often contain Trojans whose purpose is to install spy software once opened. This software will pull all the customer data the scammers want from your computer in no time at all. What can you do? Move the mouse pointer over the attachment and display the properties. If the file type is .exe, .com, .bat, .cmd, .vbs, .js or .zip, it is better to delete the e-mail: there is a lot to suggest that the attachment is malicious software containing Trojans, viruses, worms or something similar.
· Be Careful with Log-In or Bank Connection Queries! E-mails from known and/or unknown providers that immediately request login data or bank details and credit card numbers are almost 100% fraudulent and should be deleted immediately without opening.
· The Email Header Reveals the Sending Server! A fraudulent e-mail can forge the sender address, but not the digital transmission route: the header of an e-mail reveals the server via which the message reached the recipient. This is how you can display the header for your mail account:
Thunderbird: View -> Header -> All
Outlook: View -> Options -> Message Options
Apple Mail: View -> E-Mail -> All Headers
Web.de and gmx.de: "i" next to the date display
Yahoo: Actions -> entire header area
Gmail: show original
Example:
From: smtp-out-123-… dienstleistungs.com -> delivering server
by mx.google.com… .. -> receiving server
for <…@gmail.com>
· Phishing Protection Software
All common antivirus software manufacturers have also integrated appropriate phishing protection. Here is a small selection:
AVG
Avira
Protegent Free Antivirus
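
The first two checks in the list above (the name in front of the @, and comparing what a link shows with where it really goes) can be run by a mail filter or by hand. The following Python is an added example, not part of the original post; the helper `link_findings` and the example.com / example.net links are assumptions made for illustration, while the first sample URL is the one quoted above.

```python
import re
from urllib.parse import urlsplit

# Dotted-quad host; tolerates leading zeros such as the "013" in the page's example.
_DOTTED_QUAD = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")


def link_findings(url, shown_text=None):
    """Return reasons to distrust a link; an empty list means none were found.

    Hypothetical helper written for this example. `shown_text` is the
    visible link text from the e-mail body, if any.
    """
    findings = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()

    # Everything before '@' in the authority part is userinfo, not the destination.
    if parts.username is not None:
        findings.append(f"userinfo '{parts.username}' before '@'; real host is '{host}'")

    # A bare IPv4/IPv6 address instead of a registered name.
    if _DOTTED_QUAD.match(host) or ":" in host:
        findings.append(f"host '{host}' is a raw IP address")

    if parts.scheme != "https":
        findings.append(f"scheme is '{parts.scheme}', not https")

    # When the visible text is itself a domain or URL, it should match the target host.
    shown = (shown_text or "").strip()
    if shown and " " not in shown:
        shown_host = urlsplit(shown if "://" in shown else "//" + shown).hostname or ""
        if "." in shown_host and shown_host.lower() != host:
            findings.append(f"text shows '{shown_host.lower()}' but target is '{host}'")
    return findings


if __name__ == "__main__":
    # First URL is the one quoted on this page; the others are constructed samples.
    samples = [
        ("HTTP://sparkasse-frankfurt.de@241.128.219.013", None),
        ("https://www.example.com/login", "www.example.com"),
        ("https://login.example.net/", "www.example.com"),
    ]
    for url, text in samples:
        print(url, "->", link_findings(url, text) or "no findings")
```

An empty result only means none of these patterns matched; it does not validate the certificate of the target page.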
Companies and Organizations Against Phishing and Cybercrime - You Can Help
Phishing is a major nuisance for internet users and consumers. The
companies on whose behalf these phishing emails are written are also in
trouble, for example with regard to damage to their image and loss of trust. Some
corporate initiatives have set themselves the goal of combating phishing and
cybercrime - a difficult battle.
The Anti-Phishing
Working Group is a global association of companies and
organizations from different countries, which has set itself the goal of bringing
experiences with phishing to a knowledge platform and taking
counter-initiatives. Users can also bring in and share their phishing
story there and contribute to a phishing trend report.
