How to Protect Yourself from Evolving Phishing Scams

Written by induction | Published 2023/10/31
Tech Story Tags: phishing-and-malware | phishing-email | i-recorded-you-scam | fake-microsoft-log-in-scam | fake-facebook-login-scam | new-email-based-scam | internet-security | cybersecurity

TLDRViruses and trojans are common for Windows OS-based machines, and Linux distributions are not completely immune to the virus, but they are comparatively more secure. Attackers are evolving every day with new tricks and techniques to inject malware into your system. This is the article to protect you from such scams in your online world.via the TL;DR App

Viruses and trojans are common for Windows OS-based machines, and Linux distributions are not completely immune to viruses, but they are comparatively more secure. Attackers are evolving every day with new tricks and techniques to inject malware into your system. The most common method they have been using for a long time is the technique of phishing, in which they create fake domains that resemble almost the same as the original one. This is the article to protect you from such scams in your online world.

Here are several examples and remedies for you to be protected.

đź“ĄThe First Example:

Here, the scammer has cleverly adjusted the phishing link in any of the clickable options in this email, which could potentially be dangerous, as it may enable them to steal your sensitive login credentials or remotely install malware on your machine.

đź’€What you should not do in this case?

  • Don't rush to click on 'Report the user' or 'Yes, me,' or any of the clickable options.
  • Don't respond to this email; scammers might detect your IP address when you reply to their email.
  • Don't open the email if it is already in your 'Spam Folder.' Some spam emails like this can contain a virus body or malicious attachments with dangerous scripts.

💀The Second Example: “I’ve Recorded You!” Scam

Let's take a look here. The email appears alarming, expecting your immediate action. Sometimes attackers may include your publicly available phone numbers or other details in this type of email. However, in reality, this is an outright scam, and they have not yet hacked your device.

đź’€What you should not do in this case?

  • Don’t take enough stress, locate where the email is sent. If it is in your “Spam Folder”, safely ignore it which will be deleted after 10 days as per your email preferences.
  • Don’t rush to pay BTC as the scammer demanded in this sort of email without understanding the crux of the matter.

đź“ĄThe Third Example:

In this example, the attacker has attempted to deceive the victim with attractive fake offers, increasing the likelihood of ordinary users clicking on the highlighted clickable options.

đź’€What you should not do in this case?

  • Don’t be greedy to act quickly ! It’s a TRAP !! Don’t click on the any of the options mentioned in this sort of emails.
  • Don’t reply to this sort of email even you know this is scam.

đź“ĄThe Fourth Example:

It is quite similar to the third one, and the same precautions should be applied in this case as well. Here, attackers have presented an enticing fake offer, making it highly likely that common users will click on the mentioned options.

đź“ĄThe Last Example:

This is one of the most notorious spam emails in which attackers attempt to lure users into clicking on a malicious link. Their ultimate goal is to steal your Microsoft passwords registered on your PC. Although it may appear similar to a Microsoft email, it is, in fact, a scam. You can verify the sender's address to determine its authenticity.

Again, don’t click on their “ Report The User” button without confirming the sender’s email.

âś…So, what steps should you take to protect yourself from these types of email-based phishing attacks?

Here is the most actionable stepwise guide:

  • Avoid storing your passwords in online browsers, regardless of software companies' claims about their safety. Instead, consider creating an offline copy and storing it in a secure location. While this process may seem somewhat complicated, it can help safeguard you from substantial losses.

  • If you are registered on any crypto trading platforms, please adjust the secret phrase in your settings. This way, whenever an exchange sends you emails, your secret phrase will be present, making it easier for you to confirm that the email has been sent from an authentic source.

  • Once you receive such alarming emails (as mentioned above), check your account first to track the active sessions. You can easily do this on popular platforms like Facebook, Outlook, Gmail, and many more. In the case of a Google account, you can find the options in your settings below. If you are not familiar with any of these devices, you should immediately change your passwords and remove such devices from the list. If you confirm that unknown devices have already gained illegal access, you should report it to the relevant authority as soon as possible.

  • Don't forget to create the strongest passwords, like "34VgH67$5%#HJkl," by mixing upper and lower-case letters, numbers, and special characters. This will make it challenging for scammers to decrypt your passwords. Also, avoid using the same password for multiple accounts.

  • Enable multi-factor (2FA) authentication on your important accounts so that passwords alone will not be sufficient for attackers to access your accounts.

  • Some malicious adware could also install malware on your devices, so it's advisable to install ad blockers to prevent aggressive ads.

  • Install high-quality antivirus software, which serves as your lifeline, and enable the firewall. Regularly update both the virus database and the software product, and scan your devices. This software is invaluable in protecting you, even if you accidentally click on a malicious link.

  • If you have a habit of neglecting browser and OS updates, be warned! Developers continuously work to patch their systems against new and evolving threats, so ensure that all your software is up to date to the latest version.

  • Don't add random add-ons to your browsers without checking their reputations. If they don't serve a necessary purpose on your machine, consider removing them rather than keeping them on your devices. It's worth noting that some of these add-ons may be equipped with crypto-mining capabilities.

  • If you are asked to provide your work email for any kind of subscription, exercise caution and think twice before proceeding.

  • Once you receive phishing or spam emails, establish rules to block the senders. Furthermore, report them so that your service providers' developers can fine-tune the system to automatically block such emails. Always double-check the sender's email address, as many of these messages may come from compromised, random servers like cfgty.cz, vfgrynmjghg.com, and so on.

Stay Safe, Be Safe! Thank You🙏 !

Written by induction | Die-Hard fan of Nikola Tesla.
Published by HackerNoon on 2023/10/31
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy