Phishing is a type of attack that is formed by combining the words “Password” and “Fishing” and translated as phishing. Phishing attacks have emerged as the most popular attack type of recent times. Using the baiting method, computer users are inflicted billions of dollars in damage every year.
Baiting is often used to learn a person’s password or credit card details. Computer users are directed to fake sites with the help of e-mails prepared as if they came from a bank or an official institution.
For phishing attacks, ‘Banks, Social Networking Sites, Mail Services, Online Games etc. fake web pages are being prepared. Here, the personal information of the computer user, card number, password and so on. required. The information of users who take into account the requests on the e-mail and fake site is stolen.
How do phishing attacks occur?
Attackers, especially banks, mail services, shopping sites, social networking networks (Facebook, Twitter, MySpace etc.), friendship and instant chat systems, online games, such as by preparing a copy of systems that are logged in using username and password ( Clone Copy ) makes preparations.
These sites are seen as exact copies of the sites you are trying to log in. However, if you pay attention to the address bar, you may realize that you are not in the right place.
Attackers direct their victims to these fake pages they have prepared by sending e-mails to their existing e-mail lists or to the people they target.
These pages often force you to re-enter your user information as if you made a mistake. A careless user thinks that I have entered wrong and enters his information again and delivers his information directly to the attacker.
Likewise, links sent with e-mail addresses. By directing you to the systems that the attacker has prepared, it may cause them to open a back door to enter your computer. If successful, the attacker can take complete control of your computer.
The most common attack currently is the “Ransomware” ransomware. Again, this virus can infect your system only by clicking on the links sent with such messages, and you can be asked for money by encrypting all your files.
To protect yourself from such attacks, make sure that the e-mail or message comes from the right institution or person. If necessary, call the institution and confirm whether it has sent such a message before taking action. Do not click on the links in the content of the e-mails you are not sure of.
Make sure that the browser you use (Explorer, Chrome, Firefox) has “https://” in the address bar and check that the correct domain name is written.
Also, make it a habit to do these checks, even if these messages come from someone you know.