What is phishing?
Phishing is a widespread form of cybercrime which targets your personal information, such as usernames, passwords, credit card details or other information that gives criminals access to your personal information or financial accounts. Phishing can result in identity theft, stolen funds or loss of control over sensitive information.
How does phishing happen?
Attackers usually send e-mails that ask you to verify your account, re-enter your username and password, make a payment once again, etc. Phishing scams impersonate a legitimate company or person you normally trust, and use this trust to try to get your personal or account information, usually by requesting that you click on a link within the e-mail. Phishing usually succeeds because of how closely these e-mails resemble the authentic look, feel and tone of the actual company or person they are impersonating.
Some phishing e-mails might include general greetings and content, while some might even include names, position titles, a company’s phone number and other information which makes the sender seem more trustworthy. Sometimes these phishing e-mails contain links to what appear to be legitimate or valid websites but instead, when you click on them, you are redirected to a malicious website.
How to avoid phishing?
You should keep in mind a number of tactics to help avoid being a victim of phishing:
- Be cautious about any request asking for your data. First and most importantly - be cautious if someone asks for any personal or account-related data from you through e-mail - either through a link or directly in the e-mail itself. Could this data help someone else access your accounts? If yes, consider an alternative way to handle the e-mail. If fraudulent, do not reply, delete and report to NBX. If you are sure it is not fraudulent, proceed in whatever way you would normally answer the e-mail.
- Check sender’s e-mail address. Does the e-mail have any typos? Are there unknown people added in CC? If yes, then the e-mail is most probably a phishing e-mail.
- Carefully examine the link in the e-mail. Hold your cursor over the link. Does it show the same address you are expecting to see or a different one? Did you expect such a link? Do not click on it unless you are completely sure it directs you to the website you need.
- Be cautious if the e-mail is unexpected. Your friend or manager is asking for some personal information in the e-mail. Did you expect to receive such an e-mail? If no, try to confirm through another form of contact (i.e., phone or an e-mail that you initiate) that the request is genuine.
- Sense of urgency. Most phishing e-mails include a sense of urgency: “Your account needs immediate verification, otherwise it will be terminated!” Be very careful if the sender asks you to take action NOW, threatening that something bad will happen. If it really might be something real and urgent, contact them directly.