How to identify and avoid phishing scams

Over the past few years, and especially during the coronavirus pandemic, phishing has become the most widespread digital scam. What it is about is sending a message or email pretending to be a known entity, in order to obtain personal data that gives them access to sensitive information. In addition, it can consist of carrying out other crimes such as blocking applications, installing viruses, paralyzing systems, and stealing money, among other things. Therefore, below, we will talk about its forms and how to avoid phishing scams.

What is phishing and how does it work?

As we have seen previously, phishing consists of sending messages or emails that appear to come from trusted sources. For this, it is common to use the names of banks, telephone companies, and energy companies, among others. However, it is phishing when the name is used but it is actually an attacker who intends, with that sense of trust, to obtain confidential information.

To avoid phishing scams it is important to know that these messages or emails include links to websites that are specially prepared by the attacker and that imitate the legitimate company. In this way, the person is invited to enter their personal data. That is why there is a relationship between phishing and spam since they are emails that tend to be sent in a massive way to affect a greater number of people.

Despite this, phishing can manifest itself in other forms than email, although this remains the most widely used medium. We can also find the following methods:

Smishing: by SMS
Vishing: by VoIP
Instant messages on social networks

Avoiding phishing scams: what to do when detected?

The first step to avoiding phishing scams is knowing how to recognize them. This can sometimes represent a certain complexity, however, some of the keys to take into account may be:

Real companies do not tend to ask for personal data via email.
The official company accounts do not have spelling errors, numbers, or names outside the exact name of the company.
In case of changes in the information, data request, or other requests by a real company, this request should be visible on the company's own website or it should be possible to corroborate in the official contact methods.

Considering this, the tips we want to give you to avoid phishing scams are:

Avoid clicking on links: if you have doubts, before clicking it is better that you contact customer service looking for the company directly from the browser or by phone.
Have a good antivirus: it is recommended to have a professional antivirus that is capable of detecting possible scams more easily.
Update your computer: It is always good to have the most recent updates in the web browser and in the operating system.

What if I clicked on a phishing message?

If you have already clicked and fallen for phishing, the important thing is to know that all is not lost. However, it is recommended to proceed quickly. The first thing that should be done is to disconnect from the network, especially in cases where the infected computer is part of a company. That way, you can prevent the attack from spreading to other people. In the case of the mobile, it can be put in airplane mode.

It will be important to take note of what the mail said and who it was supposed to come from, in order to have all the information. Also, it is important to go to the “downloads” part, since there are chances that the malicious file has been downloaded but not executed yet. If this happens, it is important to recognize it and delete it without opening it, proceeding later to do a review with the antivirus.

It may also be important at this time to proceed to change all the most sensitive access passwords so that they cannot be leaked and not allow time for them to access their own accounts. In addition, in companies, it will be necessary to communicate with the area in charge of technological maintenance.

If you have been a victim of phishing, you may also need the support of a digital reputation company that can delete false information published and provides advice regarding the problem. At 202 Digital Reputation, we are specialists in this field and we can help you. Contact us and find out much more about it.