Prevent and detect phishing emails and prevent them from infecting you

The network has become a second home for most of us, and we do not spend a day browsing through it. We use the computer, smartphones and tablets frequently for this, these elements being almost a complement to us.

The information we offer to the internet world is growing, leaving aside our privacy and security. Google knows more about us than our own family . Know where we are going and where we want to go, who we talk to, what interests us and what we want to buy. You really know much more than we imagine and if you want to check all this data we recommend that you do not miss this article in which we will be able to check what this type of information is and how to erase it.

Everything Google knows about me

The fact that we surf the net like fish in the water, is a claim for civerdelincuentes, who seek to take advantage of all this. It is possible that on some occasion we have been victims of some scam online or that we have fallen into the trap of clicking where we should not.

Possible internet scams

The strategies to perform “scams” ​​online are increasingly increasing, thus increasing the chances of falling into them.

Scam applications
SMS scam
Fake antivirus

Being safe depends on us and the precautions we take in this regard. It is no secret to anyone that we are in a world governed by the internet where virtually all the operations and activities we do are online.

As everything in life may not always be beneficial, we know that within the entire movement that takes place every second online there are people looking for ways to harm other users or entities in order to get an economic benefit or many others types. Among the techniques we have mentioned, we can also find the famous phishing emails . These emails try to infect our computer and thus be able to attack us.

Next we will analyze in detail various ways to protect ourselves against this threats that day by day takes more force in the digital world. Phishing

What is phishing

This term had its origins in the year of 1996 and is a simulation of the English word fishing which refers to the technique used to catch fish, this in the digital world indicates that criminals hope to capture information from unsuspecting users or simply that do not take into account the respective security measures. Basically, the purpose of phishing is to steal users' confidential information, such as passwords, document numbers, bank account numbers or credit cards, etc., in order to impersonate this identity and have access to this type of information.

For this, the person who practices phishing makes use of social engineering, that is, simulates being a trusted organization using media such as emails, social networks, among others, so that users provide their private information.

The operation of phishing is as follows

• First, the offender falsifies a reliable access site, such as the mail platform of a particular bank's website.

• Secondly, a message is sent to the victim using some means of communication

• Thirdly, the user who is not cautious accesses the link sent, for example, clicks on the emails received that are not reliable

• Fourth, the victim accesses the website, which has the same appearance as the original, entering their data and credentials there.

• Fifth, the offender has the information and from there he can carry out any illegal activity with them.

As we see it is a sequence of actions which if we are aware of the risk we can cut it from the first point.

The question that arises now for many is, How to recognize if I am a victim of phishing? Solvetic brings some recommendations to keep in mind.

Caution with spam

This is one of the priority techniques that criminals use to access users' private information since many click there, access fake websites and simply give the offender all their access information.

How this works is simple since the criminal can send between 500, 000 thousand and one million fraudulent emails. Suppose that 1% click on the mail, 5, 000 people and of these another 1% access the fraudulent website. In this case the offender has the passwords of 50 people, which can represent a lot of money to the offender and a great headache to the victim. The way to recognize this type of fake messages is because they reach our spam through filters from email providers such as Hotmail, Gmail, Yahoo !, etc.

Once there we can detect various types of fraudulent message such as

• Access to social media accounts like Facebook

• Fake WhatsApp Notifications

• Access to bank accounts

• Court notifications with attachments which contain viruses and malware

• Posts indicating that we won the lottery when we didn't even play it, etc.

The way to detect this type of mail is

• First of all because it is in spam

• We must verify the domain where the email comes from

• For no reason respond or send private information through such emails

• Do not download or run any attachments in a suspicious email.

If we have any questions about the information from an email, we can contact the entity to ask personally or, if it is another type of email, send a notification to the entity to corroborate the requirement.

Disseminate personal information either by phone or secure websites

We have previously mentioned that if it is necessary to update some type of personal information, it is best to call the entity directly or go personally to a customer service office and perform this process there. In case of not being able to go for some reason we can do this through a secure website which most of the entities vulnerable to this type of attacks are implementing today.

The way to recognize a reliable website is that its web address starts in HTTPS and not in HTTP, the S added at the end of the protocol indicates Secure Sockets Layer, that is, that all types of transactions we perform on that site are encrypted and protected. .

Needless to say, it is advisable to take some time and analyze the website before entering, since many fraudulent sites have the same appearance but with spelling errors, for example, you can say www.citiban.com instead of www.citibank.com, and many times for the desire to access we do not take these details into account.

$config[ads_text6] not found

Open popup window links

It is important to remember that a legal website will never request some type of information through pop-up or pop-up windows. The safest way to avoid this is to enable pop-up blocking in the browser or install some type of extension that fulfills this task.

In the same way we should not copy any link from a pop-up window to access from other sites since behind this may come information that will alter everything we enter there.

Set the local network on the computer as private

$config[ads_text5] not found

This is a fundamental security aspect that we can perform on our computers, since if the network configuration is found as public, all the information we execute, including that of the emails where personal information can go, is temporarily stored in the disk and being a public network anyone can access and take it.

It is important that the network is private because we restrict our equipment from being detected by other users in the network. To know how to carry out this process we can go to the following link:

Change connection

$config[ads_text6] not found

$config[ads_text5] not found

Use of applications to protect the computer

One of the ways in which we can increase the operating system's security levels and thereby prevent fraudulent attacks is by counting on tools such as antivirus, anti-malware, anti-spyware, etc.
These have been developed in order to offer a real-time security layer that protects the system from attacks, unauthorized access, fraudulent websites, among others.

Best antivirus

Best antimalware

Constant review of our bank accounts

$config[ads_text6] not found One more step to avoid phishing is to have control over our bank accounts since that is where the criminal is trying to get. It is advisable to perform periodic routines to review our balances, statements, last movements and if you notice something out of the ordinary, immediately notify the financial institution and take actions such as:

• Change password immediately

• Define new ways of entering the bank's website

• Avoid accessing the account from public sites, among others.

Taking this type of control we can know in detail the real state of our finances.

$config[ads_text5] not found

How to protect our Phishing emails in Outlook 2010 and 2016

If the mail manager you use is Outlook, then you will see how to protect yourself from phishing in the Outlook 2010 and Outlook 2016 email accounts in a functional way.

In Outlook 2010 we go to the Start tab, Delete group and there we display the Spam tab where we will select the line Options for spam:

In the pop-up window we make sure that the Disable links and other functions in malicious messages (recommended) box is active. Click on Apply and then OK to apply the changes.

In this way we will prevent this type of messages from reaching our Outlook account and we can protect our emails from phishing.

Note

The procedure in Outlook 2016 is identical, it applies to Outlook 2013.

Configure Gmail to avoid Phishing emails

If the account we use is Gmail, luckily we will be able to make some adjustments that will help us avoid this type of email and therefore reduce the risk of being infected.

The first thing we have to do is enter our Gmail account and go to the configuration of our account located in the upper right corner. Once here, we have to go to the "Labs" tab where we will be able to activate a wide variety of configurations.

$config[ads_text6] not found

We have to look at one of the first options within “available laboratories” and enable the “Authentication icon for verified senders” tab . Once this is selected, we have to save the changes.

Now we can observe in our mail as in all those senders that have been verified, a yellow key appears on the left side of the mail. If this is not the case, it means that this email has not been certified.

It doesn't have to be Phishing those emails that don't have the key on their side but we must be more careful with them. To make sure of this, we can enter inside and in the little arrow located just below the email address, where it says “for me” we have to unfold it and verify that the address is really true.

$config[ads_text5] not found

Despite this, we must bear in mind that if we are not very clear that the mail is legitimate, we must not respond to it in any case or access the links provided in case of doing so to avoid any kind of danger . In the event that we detect any email of this type, we must mark it.

Note

We must remember that we should NEVER enter any personal information in emails that request it and of course no bank account number, password etc. In case you send us a link to do this, we must mark that email as spam. No legal entity will request this type of data by mail.

We must always ensure that in the case of entering personal data, we are doing it on official pages with https security to ensure that the connection is encrypted and verified.

$config[ads_text6] not found

No precaution is much in the world of internet in which we are exposed to many attacks without just noticing. We must not trust, since the responsibility of being attacked depends on our caution and attention in all these kinds of things.

$config[ads_text5] not found

Let us remember the care that we must have in each message that comes to us because the mass sending of phishing does not choose a certain user and we can fall into its trap, affecting our economic, emotional and personal stability, hence these tips to always be one step ahead of criminals.

We therefore expect you to value your security and data as much as we do.