phishing – PSafe Blog https://www.psafe.com/en/blog Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general. Thu, 19 Jan 2023 14:49:21 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 https://www.psafe.com/en/blog/wp-content/uploads/2018/05/cropped-psafe_blog_purple-shield-32x32.png phishing – PSafe Blog https://www.psafe.com/en/blog 32 32 <![CDATA[Careful With That QR Code! Five Steps For QR Code Safety]]> https://www.psafe.com/en/blog/careful-with-that-qr-code-five-steps-for-qr-code-safety/ Fri, 11 Mar 2022 18:14:35 +0000 https://www.psafe.com/en/blog/?p=21198 For 20 million people, the temptation proved too hard to resist. For a full minute, a simple QR code ping-ponged back and forth on their television screens during a break in the action at the Super Bowl. Cryptocurrency company Coinbase reportedly paid 14 million dollars for that ad – but clearly, they got their money’s worth: 20 million people were redirected via QR code to their landing page, specially designed for the ad. 

Caution Flags 

The radical simplicity and irresistible pull of the Coinbase spot was the talk of the post-game ad reviews. But out of the din of this discussion came another message — this one from the Federal Bureau of Investigation (FBI). Inc Magazine’s Jason Aten pointed to a warning they had issued a month prior to the big game – the first lines lay out the situation quite clearly:

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

QR Codes Are Back, And Bigger Than Ever

Once again, it seems that bad actors have seized on a popular trend to help them do their dirty work. A simple technology dating back to the 90’s, QR Codes are on the rise lately – as they’ve become a very effective digital tool for marketers who want to quickly convert mobile phone readers into shoppers and buyers. The Wikipedia entry on QR codes gives you a quick grasp of just how powerful they can be when scanned on a mobile phone:

QR codes may be used to display text to the user, to open a webpage on the user’s device, to add a Card contact to the user’s device, to open a Uniform Resource Identifier (URI), to connect to a wireless network, or to compose an email or text message.

All you have to do is think about how hackers might use that kind of power, and you can quickly see that indiscriminate scanning of QR codes could lead you into some serious trouble. 

Two Primary Sources of QR Code Danger

The first danger with malicious QR codes is the fact that they can transport you seamlessly to a fake website. As with most hacks, the first layer of the transaction seems to be legitimate: the QR code works! The user arrives at a site that has the offer or information they were seeking. 

And this is when many users will let their guard down, and fail to notice telltale signs that the site isn’t legitimate. Super-sweetened offers can also play a role in softening up otherwise careful users. The bad website can be a collection point for private information and financial data, and the path to financial losses and ID Theft is paved.

The second danger is QR codes that include malware themselves. Once again, let’s turn to the FBI for — “just the facts”:

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

That’s about as bad as it can get. So, short of forsaking the use of all QR codes — how do you defend yourself?

What Can You Do?

Here are the five steps you can take – we discuss each below in more detail:

  1. Get informed about what QR codes are and what they can do.
  2. Make sure your device has good security software.
  3. Use that security software regularly!
  4. Before scanning any QR code, scan “the situation.” 
  5. Make sure you land where you expected to!

You’ll be glad to know that you’re well on your way to completing the first step. We hope this article has helped in this regard, and if you want to get even more up-to-date on potential threats to you and your mobile device, we highly recommend these two companion articles:

Six Ways That Cybercriminals Try To Take Over Your Device – QR codes are covered here along with several other traps, like WiFi Honeypots, Fake Apps, and even Subtitles in Streaming Apps. Do give it a careful read – lots to learn here.

Can a QR Code Be Used In A Phishing Attack? – If you’ve followed us so far, you know the answer to this question is YES! But hit the link to get more information on how QR codes can bait the hook for hackers’ big Phishing expeditions.

Security Help

If you’re using dfndr security, make sure you activate the anti-hacking feature to protect you from scams and malware. dfndr security PRO plan also has a dedicated Safe App function to help sniff out apps that contain malware, and also provides complete Identity Theft reports should you suspect trouble.

Eyes Up!

But your awareness is always going to be your first line of defense. Remember that QR codes primary benefit is to help you connect to a specific spot on the web without your having to type in a URL. The “fun” of seeing this work is no doubt a major part of the success of that Coinbase ad. 

If you decide you do want to scan a QR code – make sure you can verify it’s from a trusted source, and take a good close look at the surroundings: the copy and design, the context of use. Is the code stuck on a wall outside a club? Or did it come to you via a traceable source like a mass mailing? If you can verify that the code is from a trustworthy source – make sure the landing spot is what you expected it to be.  

Just remember what your friends in the FBI told you: a QR code isn’t a game to be taken lightly — or a Pokemon type game where you have to capture and collect. They serve a very specific function, and they’re more powerful than they look. Treat QR codes with the same caution you’d give to any unknown app or web address.

]]>
<![CDATA[Coronavirus: Remain On High Alert For Scams & Disinformation]]> https://www.psafe.com/en/blog/coronavirus-remain-on-high-alert-for-scams-disinformation/ Mon, 06 Apr 2020 17:40:54 +0000 https://www.psafe.com/en/blog/?p=20567 As we’ve crossed into the month of April, the count of patients infected with coronavirus continues to grow at a sobering pace, and shows no signs of slowing anytime soon. At the same time, people are trying to adjust to the “new normal” of sustained social distancing.  

A Perfect Storm For Scams and Disinformation

The behavioral and psychological changes required to make social distancing work are significant: everything from sharing a home or apartment for an entire day (and with more people, especially if you have kids), to figuring out how to go to the grocery store and shop safely.  The combination of emotional, physical, and psychological stressors, combined with significantly increased internet and email “screen-time” for most people, has created a kind of perfect storm for online scams, con-artists, and disinformation. Another powerful factor driving this storm is curiosity: people are extremely hungry to hear news, and hopeful / practical news in particular.  Scammers have stepped into make the most of these factors, and as Emilio Simoni, Research Director at the dfndr Lab explains: “What we’re seeing is cybercriminals redoubling their efforts to create more, increasingly sophisticated scams, in order to reap profit from baseless, sensational ads or news — or through thefts of personal and financial data. The information they offer is almost invariably false, and sometimes the information itself is immediately dangerous to victims who act on it.”

No Slowing Down: Scammers Are Busier Than Ever!

The pace and inventiveness of coronavirus scams appears to be picking up. Emilio Simoni and the dfndr Lab Security Team have gathered the following examples together. Note that these items by no means constitute a complete list of scams in operation.  We share these with you so you can get a richer sense of the variety of these scams, and the methods they employ.

A multilingual scam using the Nike brand name was discovered by the dfndr Lab Security Team (see image above). The scammers used geolocation to adapt the language used to the victims: it showed messages in Portuguese, English, or Spanish, depending on the visitor’s locale. Some generic questions were used to draw people in, and after they were drawn in they were automatically redirected to another domain, full of ads. It was through impressions of these ads that the cybercriminals reaped their profits.

Emilio also notes that “Cyberattacks are becoming more and more sophisticated. One of the most popular scams leveraging the pandemic is the one that falsely promoted a free 1-year subscription for Netflix. The cybercriminals study how official companies and websites offer promotions and sales, then mimic their approach, which can help to create a extremely convincing page.” You can see the example Emilio cites, immediately above.

The dfndr Lab Security Team has also discovered cyberattacks connected to fake profiles on Facebook, also known as bots. These bots are especially prevalent in Facebook Private Groups. Of 3 bots discovered and analyzed by the dfndr Lab, one had engaged more than 10k interactions. These bots used intelligent techniques to persuade the victims, “talking” through pre-recorded messages that request personal information. The most common themes used by these bots to attract new victims were 1) registration to receive the government social security benefits,  and 2) offering a map to check the coronavirus spread around the world. The dfndr Lab also notes that many scams in the US are being disseminated through Facebook Messenger. So be careful!

Paypal phishing attacks have also grown exponentially since the beginning of the pandemic. Dfndr lab stipulates that during the month of March, scam emails fraudulently claiming to be from PayPal, and seeking private information, reached over 1.4k users in the US alone. 

With people all over the world sheltering in place, virtual meeting providers Zoom, has been in high demand. The dfndr Lab detected 4 fake domains using their name. The URLs were hiding trojans that could act in different ways: seeming to install the Zoom app, but redirecting victims to another website full of ads, and rapidly consuming your phone battery.

What Can You Do?

This is a story that will continue to move fast, so the examples above will be joined by new and different examples by time you read this. As Emilio Simoni pointed out, hackers all over the world are in HIGH PRODUCTION mode during this crisis. They’re going to keep inventing new and more devious ways to get information, and steal from you.  

You need to protect yourself. So make sure you’re using a security solution that’s built to alert you immediately when you access a scam site, or interact with a known digital virus “carrier.” dfndr Security has an excellent Anti-Hacking feature you can activate. 

If you upgrade to the dfndr Pro version, you’ll get the added benefit of a Safe App Installer (which warns you if an app you’re about to install may be a vector for malware). It also offers Identity Theft Protection to keep your email safe as well. 

Consider Going Pro

One of the best ways to protect yourself right now is to upgrade your dfndr app (if you haven’t already) to dfndr Pro.  Pro gives you these added protections:

Unlimited Identity Theft Reports: You can check if any of your account credentials have been leaked on the internet.

Anti-theft protection: In case of theft or loss, you can lock down your device remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.

Safe App Installer: You’ll know if an app has previously had data breaches before installing.

App Privacy Scan: You can locate on a map where your app data is going and how it might be used by third-parties.

Ads free version: Totally ad-free

Use this link to learn more about dfndr Pro, and consider upgrading. 

Everyday Digital Hygiene Matters Now Too 

Just as avoiding coronavirus requires that you keep your hands clean (and keep them away from you face!) — digital hygiene is achieved through simple steps as well. Now’s a time to make doubly sure that you:

  • NEVER click on links sent to you from unknown people. 
  • Look very closely at emails: If the source looks or sounds like someone you know but the name or email address seems even slightly off…stay away! Leveraging contact and friend information is one of the most common paths for scammers to load malware or get your private information.
  • Only download or install software from trusted sources. Make sure you double check url’s! The Anti-Hacking feature on dfndr will protect you from malware and known hacking sites. 
  • Use reliable sources, such as legitimate government websites, to get real, fact-checked stories and information on COVID-19. Be aware that scammers will be pulling at you emotionally. This is a hard time for everyone, but do everything you can to stay cool and grounded: your ability to “count to three” before clicking or responding to a link or headline is more important now than ever.

We’re going to keep working to keep you informed and up to date.  Until next time, we hope you and yours can stay safe and stay well! 

]]>
<![CDATA[The Rise of Phishing Scams via Text Message]]> https://www.psafe.com/en/blog/rise-phishing-scams-via-text-message/ Fri, 23 Feb 2018 00:00:19 +0000 https://www.psafe.com/en/blog/?p=16611 Phishing scams don’t just land in your inbox anymore, cyber criminals are now targeting SMS phones more than ever. If you want to keep your smartphone and private information safe from hackers that use phishing attacks through text messages, activate dfndr security’s anti-hacking feature now. This technologically advanced feature will help protect your smartphone from any possible phishing attempts before you even click on a link in an SMS. Check it out if you’ve been receiving strange SMS messages lately:

 

 

What Are Text Message Phishing Scams?
This type of phishing scam involves a fraudulent text message that is sent to you that appears to be coming from a legitimate source. Some sources that hackers may pretend to be (and have pretended to be in the past) are your university, your Internet service provider, your email, or even your bank. They typically say that something is wrong with your account or that you need to update your login information because your security has been compromised. Then, the text message will include a link to their fake website that is pretending to be a real company. Once you’re on the spoofed website, it will typically ask you to enter your private information. The website may ask for your password, a credit card, or any other login information. Once you have entered your personal information, the hackers will use it to steal your accounts or credit cards.

Read More: 5 Unknown Phishing Scams to Watch for During the Holidays

How You Can Keep Yourself Safe From Phishing Scams
The best way to keep yourself safe from phishing scams is to be very wary of any text message you get from a “trusted” source. Very few Internet providers or universities will text you asking to update your information. In general, don’t click any link that an unverified text message number sends you. The safest way to check if the text message is real is to email or call the real trusted source and ask.

]]>
<![CDATA[Where Do Most Phishing Attacks Occur and Why?]]> https://www.psafe.com/en/blog/phishing-attacks-occur/ Tue, 13 Feb 2018 13:00:09 +0000 https://www.psafe.com/en/blog/?p=16641 One of the main ways hackers can penetrate your network is through a social-engineering, or phishing, attack. A phishing attack compels users to disclose personal information before proceeding to the following page. This page is often disguised as a reputable institution, such as your email provider or bank’s website, thus tricking you into entering personal information on a secure portal.

Plainly, think of phishing as that email that solicits money through a cunning story, like the famous email chain about the prince who needed money to return to the throne. While phishing attacks can occur in almost any part of the world, it’s worth noting the countries and regions where it occurs the most. Unsurprisingly, the biggest hotspots for phishing and cybercrime occur in countries known to be victims of cybercrime, such as the United States and China.

Read More: How to Use dfndr’s security scan and full virus scan

Asia
East Asia has endured an uptick of cybercrime and phishing attacks in the last decade. Countries like Vietnam, China, Russia, India, and Japan all rank high on countries that experience a high number of phishing attacks. The likely reason for the increase is twofold: the standing of these countries in geopolitical terms, and the sophistication of their country’s network. For example, China’s mostly closed Internet has given rise to a black market Internet, which inherently breeds a space for cybercrime. On the other hand, Japan’s relatively open Internet has been plagued in recent years by an uptick in phishing scams as their economy increases in size.

Europe
Germany, France, and the U.K. also experience a high number of cybercrime and phishing attacks. The attacks on the three largest economies of Europe probably happen because of that fact — financial incentive attracts hackers.

The Americas
The U.S. and Brazil can also claim to be high on the list of victims from cybercrimes and phishing attacks. U.S. cybercrimes increased from 18.89% to 23.96% in 2016, making it the country most susceptible to cybercrime. Brazil also saw an uptick, as it moved form the 10th highest victim of cybercrime to the 3rd.

How to Stay Safe
There are many ways you can stay safe from cybercrime and phishing attacks. The easiest way is to make sure you’re browsing safely by using a security and antivirus app. The second way is to look at emails with scepticism, especially if you haven’t done anything different with your online accounts. Also, be aware of your friends or family getting hacked and odd messages coming from them.

]]>
<![CDATA[How Do Phishing Attacks via Google Docs Work?]]> https://www.psafe.com/en/blog/how-do-phishing-attacks-via-google-docs-work/ Sun, 04 Feb 2018 13:00:41 +0000 https://www.psafe.com/en/blog/?p=16497 If you’re savvy on digital tech trends, you may have noticed the highly publicized phishing attack that occurred in early 2017 that gained access to Google accounts via Google Docs. The report affected millions of people, and required Google to send out a notification warning users to ignore the phishing request and to change their permissions quickly. This shows how important it is to not only be aware of the latest scams, but to take measures to block phishing attempts. To protect your phone from these kind of hacks use dfndr security’s anti-hacking feature:

 

If you like the idea of having an antivirus app block malicious links before you even click on them, the anti-hacking feature does just that. So how did this Google Docs attack work, and what can users do in the future to sniff out future attacks before they happen, in addition to using anti-hacking? Continue reading to find out more about Google Docs phishing attacks.

Read More: Google Play Protect Fails to Deliver – Only Stops 65.8% of Malware

How This Attack Worked
First, the initial issue that caused this was a minor one, and it stemmed from a simple email that appeared as if it was sent by a recent contact. The email then encouraged individuals to open and log in with their Google account. The page that users were delivered to looked exactly identical to the normal Google permission pages, which is what caused so many users to grant and fall for the attack.

Of course, once they had signed over their information, it was too late. Hackers were able to use the information and passwords for whatever they wanted, and users were left scrambling to change their information and ungrant permissions. Of course, while the attack targeted less than .1% of Gmail users, that still means that millions of people were at risk, and many clicked on the link.

Of course, there’s a lot to learn about this that users can use to protect themselves in the future. First and foremost, users should be careful and always think twice about sharing their information. If an email takes you to a page looking for information that you’ve likely already shared on your computer, you may have encountered the phishing page. Maintaining a healthy skepticism is key to staying vigilant and on top of attacks that may be incoming.

]]>
<![CDATA[5 Phishing Clues to Look for in Emails from Your Contacts]]> https://www.psafe.com/en/blog/5-phishing-clues-to-look-for-in-emails/ Tue, 24 Oct 2017 00:00:51 +0000 https://www.psafe.com/en/blog/?p=14383 Hackers and online predators have unfortunately become very savvy in recent years. This means that they’ll go to almost any lengths to trick you and obtain your sensitive information. Now, hackers are even making emails and messages appear to be from one of your contacts, then compromising your system when you click on any malicious links. Actively looking for these clues and practicing caution as you open emails — in conjunction with using the anti-hacking feature on your Android device — will ensure that you keep your information and accounts private, safe, and totally secure. Click here to protect yourself from phishing attacks:

Deeplink_Activate-Anti-Hacking

Read More: 
The Rise of Increasingly Sophisticated Ransomware

The Email Address Doesn’t Match Your Records
As mentioned, hackers are savvy. They have the capability to make emails appear as if they’re from someone in your contact list, when really, they are from a different and malicious email account. Always verify that emails containing outbound links are actually from whom they claim to be from. Check the email address in your records. You’d be surprised — sometimes hackers use email addresses at domains containing dead giveaways like the word “evil.”

It Has a General Salutation
Hackers may put in a general salutation that isn’t personalized or isn’t how your friend or family member would actually greet you. It may say “Hi!” or something else devoid of a specific name.

The URL Doesn’t Go Where it Claims to Go.
Hackers know how to make URLs (that are embedded into emails) look like they’re going to direct you somewhere that they aren’t. Before clicking on a link, hover over it to verify that it is going to direct you to a trusted site or at least to where it claims it will send you.

The Email Urges Immediate Action.
Phishing emails often attempt to trick you into clicking on a link and divulging sensitive information that you wouldn’t want to be compromised. If your “contact” sends an email that seems to be pushing you towards clicking a link, filling out a form, or completing a request, be cautious.

The Email Contains Attachments
You should always be cautious when opening attachments in emails, even if they appear to come from a trusted source. Look at the attachment name, verify the email address from your records, and even follow up directly with your contact to confirm they’ve sent an attachment before opening it if you find it to be questionable. It’s always better to be safe than sorry!

]]>
<![CDATA[The Biggest Phishing Attacks of the Last Decade]]> https://www.psafe.com/en/blog/biggest-phishing-attacks-last-decade/ Fri, 16 Jun 2017 16:00:07 +0000 https://www.psafe.com/en/blog/?p=11867 According to analysts, around 85% of American companies have been targeted by phishing attempts. The popularity of phishing attacks among hackers is largely due to its simplicity. Much of the time, a hacker only needs one trusting employee to open a phishing email and its infected attachment — and they’ll have successfully breached the entire company’s data! It’s that easy. To keep yourself safe from phishing attempts at work and at home, you should use our Anti-Hacking feature. Click here to stay safe online:

Deeplink_Activate-Anti-Hacking
The Anti-Hacking feature blocks any phishing attempts while you’re browsing the Internet. You’ll also be blocked from malicious websites and receive warnings about deceptive websites so that you never enter your personal information on an unsafe site. You will no longer be vulnerable to phishing as long as Anti-Hacking is activated.

Read More: How Google Bombs Can Lead to Phishing Attempts

With hackers’ methods growing in stealth, precision, and finesse, there have been many devastating security breaches throughout the last 10 years. Listed in chronological order, here are some of the decade’s worst phishing attacks.

Operation Phish Phry (2009)

Back in 2009, Operation Phish Phry was the biggest international phishing case that the FBI had ever witnessed. Nearly 100 people in the USA and Egypt were arrested for stealing $1.5 million through phishing scams. The hackers’ methods were rooted in bank fraud, and they successfully targeted hundreds of online users.

RSA (2011)

Irony took a cruel twist when hackers attacked RSA, a security firm, in March 2011. Turns out, the company’s Adobe Flash had been left unpatched and it fell victim to a spear phishing. Through this breach, the hackers were able to access the networks for U.S. defense suppliers.

Sony Pictures (2014)

2014’s notorious Sony Pictures breach was caused by a tirade of phishing emails. Through social engineering, the hackers convinced employees to open their infected attachments, since the recipients honestly believed a company colleague sent them. From this attack, over 100 terabytes of Sony’s data was stolen, which cost the company an estimated $100 million — and maybe even more!

Anthem (2015)

Back in February 2015, hackers invaded Anthem’s servers and took upwards of 80 million medical records, including files belonging to the Blue Cross and Blue Shield. Their attack was successful because five employees opened a phishing email and unknowingly downloaded a keystroke-logging malware. Reportedly, when sold on the Black Market, stolen health records are worth ten times more than a credit card theft.

]]>
<![CDATA[5 Things You Can Do to Prevent Phishing Scams at Work]]> https://www.psafe.com/en/blog/5-things-can-prevent-phishing-scams-work/ Mon, 22 May 2017 14:00:27 +0000 https://www.psafe.com/en/blog/?p=11347 Phishing attacks on businesses are on the rise: the FBI reports that businesses worldwide have lost more than $5 billion over the last several years because of this trend. Hackers are typically able to gain access to a business’ computer system through their employees, by targeting individuals with social engineering scams through phishing or by collecting personal information from their social media profiles. You can use the Anti-Hacking feature to block phishing attempts on your work phone:

Deeplink_Activate-Anti-Hacking
Anti-Hacking will block you from malicious websites and warn you of deceptive websites. It’s important to stay protected from scams across devices since you’ll likely check emails throughout the day on your work or personal phone. After all, you don’t want to be the weak link at your company — the individual whose oversight leads to a company-wide breach. The following are additional ways you can protect yourself from phishing scams at work.

Read More: How to Protect Yourself from Social Engineering Attacks

  1. Follow the Strong Passwords and Use Two-Factor Authentication Rule

Your IT department will prompt you to create strong passwords and use two-factor authentication for your professional accounts. Don’t ignore this request, as this is how many companies are breached — employees who ignore this or put it on a to-do list but don’t follow through. Strong passwords are long passwords with lowercase and uppercase letters, symbols, and numbers. Also, apply the same rule to your personal accounts.

  1. Be Wary of What You Send Via Email

Email is not a secure form of communication for many reasons, one being that it’s easy to intercept emails. Don’t send any personal information via email or email forms (such as passwords or your Social Security number).

  1. Be Suspicious of Unsolicited Emails and Phone Calls

Some unsolicited emails and phone calls are legitimate — but many are not. Many phishing scams are designed to prey on your emotions, and get you to respond with personal information or click on a link out of fear. This approach works, too: it is often most successful when the targeted individual is experiencing personal trouble or hardship, which the hacker can gather from stalking the victim’s social media profiles.

  1. Be Skeptical of Emails From Trusted Sources

You should be skeptical of all emails you receive — even if they’re seemingly from a friend, coworker, or your bank. Phishing scams are getting cleverer by the day, and many scammers are able to spoof emails from people you know or else compromise a known, trusted email address. If the language in the email feels “off” or strange — and if that language is accompanied by a link, attachment, or a request for personal information — ask yourself if the email seems legitimate. If you have doubts, reach out to the sender by another form of communication and ask if they sent the email. If you’re at work, alert your IT support department right away.

  1. Don’t Mix Business With Pleasure

Be cautious about what you post on social media, especially when it comes to information related to your job. Hackers are more frequently targeting employees’ social media profiles in order to collect personal information that could provide answers to job-related security questions or passwords.

]]>
<![CDATA[How Well Does Outlook Protect Your Emails?]]> https://www.psafe.com/en/blog/well-outlook-protect-emails/ Mon, 16 Jan 2017 23:00:44 +0000 https://www.psafe.com/en/blog/?p=6980 For every legitimate email that you receive, chances are you get one hundred other emails that are anything but real. Whether it’s another notification about your Swiss Lotto win, an online dating website enticing you to join, or an inheritance you’ll get if you will only provide your bank account info., chances are that you’ve come across more than a few spam emails. Microsoft Outlook users, however, receive a double dose of protection from scam emails. How does Microsoft Outlook protect your emails?

Spam Emails

Right from the start, like most email clients, Microsoft Outlook evaluates your incoming messages, determining whether or not they are spam. Anything that doesn’t make the cut heads directly to your spam folder so you never have to deal with it.

Read More: How to Scan Your Android Device for Viruses

But this email program goes a step above and beyond. Most messages that arrive to your inbox are in HTML format. Many of them contain images or even sounds that are from another place on the Internet (an external source).

Sometimes, scammy email providers use those things to grab your email address. When you open the email, the content is downloaded automatically, and the spammer is able to effortlessly validate your email address. After that, it may be sold off to additional spammers so you receive even more junk emails — as if you didn’t receive enough already. Luckily, Microsoft Outlook blocks these automatic picture downloads.

Phishing

There are plenty of junk emails that pretend to be from legitimate sources. They may pose as a financial institution, an insurance company, or an online retailer (to name a few). No matter who they pretend to be, they share a common goal: to get you to provide your personal information. They are hoping to trick you into providing your account number or passwords so they can get into it themselves.

Phishing scams aren’t always easy to spot. The junk email filter checks out each incoming email to make sure it doesn’t contain suspicious links, and to see if the sender’s address is legitimate. To keep you from making a big mistake, those emails are routed to your junk folder, and any functionality (like clicking links or replying to the message), is disabled.

However, there is always a risk, as Outlook’s system isn’t perfect. Install DFNDR on your Android smartphone for highly effective antivirus and malware protection. If a malicious email slips through, DFNDR will detect the threat immediately.

]]>
<![CDATA[Tips for Avoiding Internet Phishing Schemes]]> https://www.psafe.com/en/blog/tips-avoiding-internet-phishing-schemes/ Wed, 14 Dec 2016 16:00:08 +0000 https://www.psafe.com/en/blog/?p=6365 Phishing is a hacking method where the hacker masquerades themselves as a trustworthy entity. They typically send out emails asking for your username and password. This information goes directly to the hacker, making it extremely easy to gain access to sensitive information. Here are a few tips for avoiding these schemes.

Learn to Identify Suspicious Emails

There are a few clues you can look for to see if an email is legitimately from the company. First of all, Google the email address that sent you the email. This will often tell you whether the email is legitimate or malicious. Moreover, don’t let the imagery on the emails fool you. Phishers frequently attempt to copy and paste the emblem of the company to try and further legitimize their email.

Read More: Why Your Fingerprint Login May Not Be Safe

Never send your password over email

Your bank, and most other firms, will NEVER ask for your password via email. This is a common trick that many people fall for, resulting in a forfeiture of their private information. If a firm is asking for sensitive information over email, it is almost guaranteed that you are being phished. Avoid these at all costs.

Never go to websites linked to in emails

A lot of phishers embed faulty links in their emails to websites that masquerade themselves as the real firm. For instance, if you bank with Wells Fargo, a phisher could send you a link to a website that looks like a carbon copy to the Wells Fargo website. Don’t let the similarities fool you. If you wish to login to your bank account, access the website through an app or by typing the URL. These faulty links will oftentimes lead to trouble.

Stay up to date on internet safety

News outlets will often broadcast stories about mass phishing schemes. This usually results in their demise — once the public is aware of the scheme, fewer people fall for it. By staying up to date on internet safety news, you can be cognizant of widespread malicious attempts to phish.

Doubt it? Delete it.

If you have the slightest inkling that an email is malicious, you’re probably right.

Download PSafe Total and PSafe Total Windows so that if a virus does attempt to enter your device through a phishing scam, it will be detected right away.

]]>