7 Myths about Anti-Phishing That You Should Know

Myths about the "anti-phishing tips" that online banking websites offer.

Author: Paolo Reyna
Reviewer: James Pierce
Mar 03, 2021

Anti-Phishing Tips Debunked

Every other online banking website has an "anti-phishing tips" page that teaches the average computer user how to combat those irritating emails that collect personal information. While this is a commendable educational effort, many of the tips, including those that come from security experts, are in reality dubious, wrong, or misleading. The most popular myths are debunked in this post. You'll find a few pointers at the bottom of this page that will help you correctly distinguish between legitimate and impersonated websites.

Myth #1: Secure, Encrypted Web Page Indicates A Valid Website

Contrary to common belief, never depend solely on the "https://" prefix or the padlock icon to signify a "safe" page. A phishing website can have a legitimate SSL certificate too. You may want to look at the certificate's details to see whether the "Common Name" field matches the host name of the organization's website, but this may take some technical knowledge.
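The certificate check described above, as an added example that is not part of the original article: it compares the names a certificate was issued for with the host name you expect. The certificates are constructed dicts in the shape Python's `ssl.SSLSocket.getpeercert()` returns, all host names are made up, and the code reads the Subject Alternative Name entries first and falls back to the Common Name only when there are none.

```python
# Added example: a valid certificate only proves who it was issued to,
# so compare the issued names with the host name you expect.

def cert_names(cert):
    """Return the DNS names a certificate covers (SAN first, else Common Name)."""
    sans = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v.lower() for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Exact match, or a '*.' wildcard covering exactly one left-most label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        head, _, tail = host.partition(".")
        return bool(head) and tail == pattern[2:]
    return pattern == host

def cert_covers_host(cert, expected_host):
    """True if any name in the certificate matches the expected host name."""
    return any(name_matches(n, expected_host) for n in cert_names(cert))

# Hypothetical host name, known from a trusted source such as bank paperwork.
BANK_HOST = "www.examplebank.test"

# Constructed sample certificates (getpeercert() layout).
genuine_cert = {
    "subject": ((("commonName", "www.examplebank.test"),),),
    "subjectAltName": (("DNS", "www.examplebank.test"),
                       ("DNS", "examplebank.test")),
}
# Perfectly valid as a certificate, but issued for a different host name.
lookalike_cert = {
    "subject": ((("commonName", "www.examplebank.test.account-check.example"),),),
    "subjectAltName": (("DNS", "www.examplebank.test.account-check.example"),),
}
# Older style: no SAN entries, wildcard in the Common Name.
wildcard_cert = {"subject": ((("commonName", "*.examplebank.test"),),)}

if __name__ == "__main__":
    for label, cert in [("genuine", genuine_cert),
                        ("lookalike", lookalike_cert),
                        ("wildcard", wildcard_cert)]:
        print(label, cert_names(cert), cert_covers_host(cert, BANK_HOST))
```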

Myth #2: Secured By [insert Authority Name]. Click Here To Verify

Have you come across those? They are, after all, useless. The splash window that appears when you click the link does not guarantee that you are on a safe website.

Myth #3: Address Bar Always Shows A Correct URL

Another erroneous suggestion is to check whether the URL in the address bar is right. That is not enough to guarantee the legitimacy of a website. Phishers may be able to spoof details in the address bar thanks to flaws in browser software. Another form of attack (DNS spoofing) will fool you into thinking you're visiting a legitimate website.

The text in the status bar can be easily changed. In reality, it's even easier than spoofing the URL in the address bar.

Myth #5: Anti-phishing Software Prevents Scams

Anti-phishing browser plug-ins (often provided for free by internet providers) are unable to detect all phishing attempts, much as antivirus software fails to detect new malicious code. In addition, adding software (often of dubious quality) to your browser makes you vulnerable to malware designed to attack that software.

Myth #6: An Email Containing Your Personal Data Is Legitimate

A message from your bank that includes your name and account number (or a portion of it) may still be a fraudulent email. Using public databases or data leaked from other organisations, phishers may gain access to some of your personal information.

Myth #7: It Is Safe To Log In Once You Know The Website Is Legitimate

Certainly not! Cross-Site Scripting vulnerabilities on a company's website might allow a sophisticated attacker to capture your credentials by redirecting you to the attacker's website as soon as you click the "Login" button or press "Enter." Read on for some suggestions on how to avoid this.

What To Do To Avoid Getting Scammed:

If your bank sends you an email asking you to complete a task, do not click on the links or log in using the forms in the email. Instead, open your browser and go straight to your bank's website, log in, and proceed from there. DO NOT CLICK ON THE LINKS, even if the email is from someone you know.

Tip #2: Invalid Credentials Usually Work On Impersonated Websites

If you think there's a problem with a website, log in with an incorrect username and password. If the website then redirects you to a "Logon failed" page, you're probably on a safe site. This may not always work, as impersonators may simulate failed logons in order to double-check the victim's input, or redirect to the legitimate website after obtaining credentials. However, if your fake credentials get you through, it's almost certainly a phishing attempt.

Tip #3: Report The Message To The Company Impersonated In The Email

Most financial institutions have policies in place and dedicated email addresses for reporting security issues. If you think a message is phishing, forward it to the appropriate address. In our Scam Reporting Database, you can find email addresses to forward suspicious emails to. The email headers should be included. Since the company receives thousands of reports, don't expect a response.