Phishing Taking a New Twist In Nigeria
Phishing is the attempt to obtain sensitive/confidential information like passwords, usernames, and credit card details from unsuspecting victims often for fraudulent reasons. The intent of the sender (PHISHER) is to scam the recipient into giving out their private information and ultimately use it for malicious activities.
No email user that has not received an email directing them to visit a recognizable website where they are being asked to update their information. The site needs you to verify or update your details. You are familiar with the business name because you might have done a transaction with them in the past.
Phishing messages are written to look genuine, and often copy the format used by the business the scammer is pretending to represent, including their branding and logo. It is simple to make a Web site look like the legitimate site by cloning the HTML code. These phishers will take you to a fake website that looks like the real one but has a slightly different web address. For example, if the legitimate site is ‘www.realbank.com.au,’ the scammer may use an address like ‘www.reallbank.com.’ The cloned websites are created with the sole intent to steal your information.
Phishing attacks start when a scammer contacts you pretending to be a business or corporation such as a bank. You may be contacted by email, phone call, text message, and social media.
The scammer asks you to confirm or provide your personal details. As shown in the image above the scammer may say that the bank or organization is verifying customer records because of database upgrades. Often phishing, emails appear to come from sites and companies with which you do not even have an account. People aged over 65 are the most vulnerable.
Many of these people are professional criminals. They spend a lot of time designing emails to look authentic. Users need to assess all emails requesting personal information carefully. When reviewing your email remember that the “From Field” can be easily changed by the sender. While it may look like it is coming from a company you do business with, looks can be deceiving. Such emails always include a clickable link that the recipient can follow to update their information quickly.
An excellent way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left-hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a swift and easy way to check if you are being directed to a legitimate site.
What to look for in a phishing email
- Forged link. Even if a link has a name you recognize somewhere in it, it doesn’t mean it relates to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, do not click on the link. Also, websites where it is safe to enter personal information begin with “https” — the “s” stands for secure. If you do not see, “https” do not proceed.
- Requests personal information. The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
- Sense of urgency. Internet criminals want you to provide your personal data now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.
- Generic greeting. Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like “First Generic Bank Customer” so they don’t have to type all recipients’ names out and send emails one-by-one. If you don’t see your name, be suspicious. CREDITS
Don’t click on links in phishing emails even if the message look likes one from an organization you trust. It is not. No business or company will ask you to send sensitive information via insecure channels.