Phishing Attacks

A phishing attack is when someone tries to get you to click on something that is impersonating an actual site. There have been phishing attacks against many major sites such as Facebook, Google, Twitter, and just about any highly used site. A phishing attack works by getting in the middle of you and where you are going on the network, and then they host a look alike site and redirect you to it. If it is done properly you may never know unless you are checking. However there are a couple things you can look for, your biggest friend is your common sense. Let’s say, for instance, you go to a site to watch a movie and it redirects you to a site that says you need to install java, but you notice at the top that the url is a bunch of numbers (IP) instead of words…chances are this is not the java site and they are trying to get you to install malicious code. Most of the time the url will be your indicator, but you can also, depending on your browser, click on the icon in front of the url and view certificate, this information should stay the same for the most part and will tell you more about the identity of the site you are connected to. You want to pay attention to the fingerprint in specific. You don’t have to know what it means you just need to check for consistency. If you do go somewhere you shouldn’t and you realize it later on, just make sure you change your password on said site. Also never connect to networks that are just open or not trusted, for more info on this read our wireless security section. And don’t ever be afraid to ask your IT professional if something is in question.

Recent Posts