This is a guest post by Arjun.
Millions of accounts are compromised every day on Facebook alone, and the situation is similar on Twitter, Orkut, LinkedIn and other sites. Most of these accounts are compromised, or rather hacked, using various tricks, and one of those tricks is phishing. Phishing is really simple once you get the concept behind it, but I strongly oppose the practice. I will not get into “how to do phishing” because that would violate our terms and conditions. So what can we do against such attacks? Frankly, there is hardly anything we can do after getting phished, but there is a lot we can do to prevent being phished, and that is what I am going to discuss in this post. The best way to avoid getting phished is to learn to tell phishing sites apart from the rest of the web. Some ways of detecting phishing sites are described below.
Check the URL
The best way to detect a phishing website is to check that the URL is the legitimate one. Hackers, or rather phishers, cannot create a phishing page on a domain that is already registered. For example, a phishing page for Facebook cannot be hosted on the www.facebook.com domain. So, to trick us, phishers host their pages on domains like www.facebooks.com. If you look carefully, you will see that the two domains differ by an ‘s’, and if you fail to notice this, you can easily get phished. What I personally do is bookmark the sites that I log in to almost daily.
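The URL check described above can be automated. The following is an added example, not code from the original post: it compares a URL's hostname against a constructed list of trusted domains and flags near-misses such as www.facebooks.com. The trusted list, the function names and the distance threshold of 2 are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list: the sites this user actually logs in to.
TRUSTED = {"facebook.com", "twitter.com", "linkedin.com"}


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url):
    """Return the lower-cased hostname, ignoring scheme, userinfo, port, path."""
    if "//" not in url:
        url = "//" + url  # let urlsplit treat a bare "www.site.com/x" as a host
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def classify(url, trusted=TRUSTED, max_distance=2):
    """Return (verdict, domain): 'trusted', 'lookalike' or 'unknown'."""
    host = host_of(url)
    for domain in sorted(trusted):
        if host == domain or host.endswith("." + domain):
            return ("trusted", domain)
    # Simplification: treat the last two labels as the registered domain.
    # A production check would use the Public Suffix List instead.
    registered = ".".join(host.split(".")[-2:])
    for domain in sorted(trusted):
        # Trusted name used as leading labels of someone else's domain.
        if host.startswith(domain + ".") or "." + domain + "." in host:
            return ("lookalike", domain)
        if edit_distance(registered, domain) <= max_distance:
            return ("lookalike", domain)
    return ("unknown", None)


if __name__ == "__main__":
    for u in ["https://www.facebook.com/login.php", "http://www.facebooks.com/",
              "http://facebook.com.login.example.net/", "https://www.wikipedia.org/"]:
        print(u, classify(u))
```

An "unknown" verdict only means the host does not resemble anything on the list; it says nothing about whether the site is safe.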
Good Quality Anti-Viruses
That’s another good thing you can do to prevent being phished. I recommend keeping a legitimate anti-virus on your computer, and I suggest you do not depend on a pirated one. If you have a good anti-virus like Kaspersky, Norton, AVG, etc., you can depend on it, but not fully. So anti-viruses also play an important role in preventing phishing.
There are millions of browsers floating around on the internet that can be readily downloaded for free. But remember one thing: not all of them provide the security needed to tackle phishing websites. For example, when you open a site that doesn’t have a web certificate, or something like www.facebooks.com, your browser automatically detects the difference and warns you. This feature is completely missing in many browsers.
Use Fake Passwords
Not all phishers are professional at what they do; many of them do it just to try phishing out. What noobs do is forget to change the redirect page. For example, let’s say the phisher who created www.facebooks.com is a noob: he will not have changed the redirect page. So when someone logs in, even with a fake password, he/she will be redirected to some totally different page, generally a sponsored one. So, if you are logging in for the first time, use a fake password and see where you are redirected.
Another good point. You must have seen pop-up ads like “XYZ sent you a request on Facebook”. Once you click such an ad, your Facebook account gets either click-jacked or phished. So always avoid pop-up ads. To check whether someone of that name has really sent you a friend request, just head to your real Facebook account and check it yourself.
Remember – Web is safe, you will surf it safely.
Note: Facebooks.com, mentioned here, is now owned by Facebook itself.
Arjun is a security expert who likes to research and explore the subject. He also works for ivpn.net, who are known to provide the best VPN service.