• Friday, September 11, 2020

“Feeling safe makes a man incautious”,

Alexandre Dumas

 

 

What is Phishing, and How Do People Fall for the Bait?Что такое фишинг и как люди попадаются на удочку?

 

История развития интернета началась с далеких 70-х XX столетия, но лишь в 90-е того же века появляется всемирная паутина (World Wide Web) и происходит ее стремительное разрастание во многие частные и публичные сектора социума. Разработка более удобных интерфейсов и протоколов передачи данных, а также систем маршрутизации и адресации ссылок, способствовала не только появлению новых механизмов экономического и социального взаимодействия, но и расцвету киберпреступности. Такие слова, как взлом, хакер, троян, есть в лексиконе практически каждого человека в мире. О вирусах Уолт Дисней даже снимает мультфильмы.

 

 

“Ralph Breaks the Internet”



Unfortunately, the “cybercrime vocabulary” is not over with those popular words. There are many other less popular forms of cyber fraud, which millions are still unprotected from. In this article, we’ll look at the most common method of malicious code - phishing.

 

Phishing (from fishing)

 

The name itself justifies the way the attacker obtains the victim's confidential data. Scammer tricks an unsuspecting user into his site through direct or indirect links, and then, in a very polite manner tries to obtain your sensitive data (passwords, credit cards details, or personal information). Wherein, the victim doesn’t suspect a catch, as the visual appearance of the form is often disguised as the brand and style of well-known organizations. 

 

The ways of the phishing messages transmissions are quite extensive. From a simple email to a harmless SMS on your phone. Every year the methods of spreading of phishing messages updates, but there are common features which will help you to recognize this kind of danger: 

 

  • content of the message is strange and suspicious;

  • sender's name does not match its content and / or consists of a suspicious characters set (since the sender’s address is often disguised it’s better to disclose the sender’s name); 

  • any self-respecting company will never ask its users to provide a password or any other private data in a message. Large companies have password reset mechanisms on their sites, and any bank details are entered directly on the site after performing a certain series of actions (purchase, subscription, etc.);

  • the message was sent by an unknown person, with unfamiliar content that does not match your past actions



Especially beware of files attached in such a mail (the formats vary from an executable exe file to a MS Office document),as a running file is able to instantly execute embedded malicious code and infect your system, and then steal your personal information, or send a huge amount of mail messages on your behalf.







Pay attention to the sender's address. It seems to be quite safe. However, the recipient did not order the parcels via DHL, in addition, the letter contains an attachment with the htm extension, upon opening which the malicious code will be executed.

 

How to protect against such threats?

 

First of all, you should never open suspicious messages (professional services mark such messages as spam). Yet, if you’re receiving a large amount of junk mail, it is better to purchase professional anti-spam tools provided by your hosting provider. In addition, these tools are able to secure your outgoing emails. It is especially important to enable this protection tool when using corporate mail, since any unauthorized mailing makes both the network reputation of IP addresses and the reputation of your brand worse.

 

When needed (and it’s better not to wait for such a need and to be secure in advance) you can use the special means of your mail security by BITEP.  Just select the required level of service (details are in the description of the service) and make payment. 



What are the benefits of hosting mail?

 

Compared to alternative cloud mail services with all-inclusive and disk space limits, hosting mail allows the client to choose the required level of service and security. Plus, the client can use all available disk space both for storing mail and for hosting other digital resources (website, application, data). This helps you to use resources more efficiently, as the price is formed not on the basis of users number, but based on the number of domains, helps to smoothly scale and flexibly configure the interaction of mail with applications hosted on its account. We offer to try out the mail security tool with a special coupon EMAILSEC2020, which allows the customers to purchase the service with a 30% discount.