Phishing

The Western Weekender newspaper has asked me to do a selection of articles on topics relevant to their readers. Given the amount of hacking and phishing activity occurring at the moment, I decided to cover off How to Secure your personal and banking details from hackers.

The article link is Western Weekender.  The expanded article with additional information is below.

What is Phishing?

Have you ever received an email from your bank, the ATO, a credit card company, an airline or any reputable company with an offer of a free holiday, cash bonus or a request for you to update and verify your information? These too good to be true offers usually are and it means that you have been phished.

Phishing is a way criminals trick people into giving up personal or financial details, by pretending to be a legitimate business. These attacks can come from text messages, phone calls, emails, social media, advertising, and internet popups. The most popular phished brands include Microsoft, PayPal, Australian Banks, Dropbox, Apple, Google, Airlines and Adobe.

Australia Post is phished at Christmas. With the increase in online shopping, it is very easy to click on a link purported to be from Australia Post to check the status of your delivery. It could be FedEx, DHL or any other courier company. Even if you suspect it is valid, instead go directly to their website and enter your tracking code.

During tax time, you may receive emails purportedly from the Australian Tax Office, asking you to verify your details. The verify button is a link with malicious code embedded. It could also be an energy bill, phone bill. or any other bill or late payment request from any respectable company requesting an immediate payment via a web link.  Again, these are all Phishing Scams. Always go directly to the company website and look up your account. Never, ever click on the embedded link.

Phishing results in your web browser being redirected to a fake webpage that looks legitimate. You enter your details, it then transfers you to the real company’s website. Unfortunately, your details have now been captured, and you make not even realise it.

How do you protect yourself;

• Do not click on links or open attachments from emails that ask you to update your personal information. Just delete them.
• If you are unsure, do an internet search for the contents of the email with the word “scam” at the end. This will identify many scams.
• When entering your credit information online ensure the website starts with HTTPS (not HTTP) and check for a padlock symbol in the address bar. This ensures the data is encrypted and is unlikely to be a phishing attempt. 
• Once phished you may get a phone call, they may have personal information about you and convince you to hand over your credit card information. Don’t.
• Most web browsers either have built-in tools or can have a toolbar add in to identify phishing or fake sites.

Browser Protection (Desktop)

Most modern web browsers have builtin fraudulent site protection. Safari, Firefox, and Chrome on the desktop use Google’s Safe Browsing Service. Google constantly update the list of website links that lead to malware. In today’s environment having multiple products to protect you is an accepted practice.

Microsoft Internet Explorer has been replaced by  Microsoft Edge. By default, Edge has built-in protection.

There are a range of third-party security add-ons, not specifically aimed at phishing but are worthwhile installing, these include – Adblock Plus, Ghostery, and Tampermonkey. All of these are multiplatform.

Security / Anti-Phishing Toolbars for Microsoft Edge Browser

Edge is included with Windows 10. Microsoft takes security very seriously throughout its product range and Edge is no different. Security features included with Edge

• Built-in Phishing protection. Using Microsofts SmartScreen technology, Edge does a reputation check on any websites you visit. If it detects any issues it let you know.
• Edge runs as a sandboxed app. If Edge gets compromised it will not extend across your computer.

Anti-Phishing Extensions for Chrome Browser

• Has built-in protection currently using Googles Safe Browsing Service.
• Windows Defender Browser Protection: Microsoft has released this as a browser extension for Chrome. It is the same protection as built into Edge, and offers an additional layer of protection. (Recommended Installation)
• Avira Browser Safety: This protects you against infected sites, malicious ads and online snoops.(Recommended Installation)
• Bitdefender TrafficLight: This add-on intercepts, processes, and filters all Web traffic blocking any malicious content and taking browser security to new levels.
• Most Security and AntiVirus companies provide similar tools. 

Anti-Phishing Extensions for Firefox Browser

• Has built-in protection currently using Googles Safe Browsing Service.
• Avira Browser Safety: This protects you against infected sites, malicious ads and online snoops. (Recommended Installation)
• Bitdefender TrafficLight: This add-on intercepts, processes, and filters all Web traffic blocking any malicious content and taking browser security to new levels.
• Most Security and AntiVirus companies provide similar tools. 

Anti-Phishing Extensions for Safari Browser.

• Has built-in protection currently using Googles Safe Browsing Service
• Bitdefender TrafficLight: This add-on intercepts, processes, and filters all Web traffic blocking any malicious content and taking browser security to new levels.
• Most Security and AntiVirus companies provide similar tools. (Recommended Installation)

If you have been a victim of phishing, contact your financial institutions, change all your passwords and report it to the ACCC scam watch website.

More Information on how to avoid Phishing, or if you think you may be a victim of Phishing

If you believe you may be a victim of Phishing or you would like some obligation free advise contact Nortec on 02 9894 9514 or fill out the form below and we will get back to you.

[gravityform id=”1″ title=”true” description=”true”]