What is phishing?

March 20, 2024
4 min read
Computer phishing

Phishing is a prevalent online scam that preys on individuals' trust and fear to trick them into revealing sensitive information to fraudsters. In this article, we delve into the world of phishing, exploring its deceptive tactics and how to recognise phishing attempts targeting cryptocurrency owners. Additionally, we discuss steps you can take to prevent falling victim to phishing, such as keeping software up to date, using strong passwords, and enabling two-factor authentication.

How does phishing work?

Phishing is a type of scam where fraudsters use social engineering tactics to deceive individuals into revealing sensitive information. Phishing typically involves the use of fake emails, websites, or social media posts that appear to be from a trustworthy source.

The goal of phishing is to deceive the victim into thinking that they are interacting with a legitimate person or entity, when in fact, they are interacting with a fraudster. Once the fraudster has obtained the victim's personal information, they can use it to commit identity theft, make unauthorised purchases, or gain access to accounts.

Phishing attacks can be highly effective because they often exploit human vulnerabilities such as trust and fear. Therefore, it is important to be cautious when receiving unsolicited emails or messages and to verify the authenticity of any requests for personal information.

How to recognise phishing?

Phishing attacks targeting crypto owners are unfortunately very common. Here are some ways to recognise phishing:

1. Check the sender’s email

Fraudsters often attempt to communicate with victims from email addresses with slight variations from the party which they intend to impersonate. In some cases, the variation is more subtle than in others. Therefore, it is important to always verify the authenticity of addresses from which you receive an email.

Sometimes, technically skilled phishers may be able to change the sender's name and email address to match the company's email. Therefore, cryptocurrency owners should also take additional preventative measures.

2. Check the URL

Phishing websites will often use a domain name with a slight variation to that which they intend to imitate. Always double-check the domain name to ensure correct spelling and identify slight or unusual variations as this could indicate a phishing attempt.

Look for a padlock icon. If the website uses SSL encryption to secure your connection, you should see a padlock icon in the address bar. Click on the icon to see more information about the website's security.

Tip: Do not always trust the top result in Google without checking for signs of phishing. Fraudsters sometimes buy Google ads to promote their phishing domains.

3. Check the email layout

Nowadays, most phishing emails are quite convincing both in content and style. Do not assume an email with very obvious spelling mistakes or an unusual layout to be legitimate. This doesn't mean that a company can never have a typo in their emails, but be extra alert for these signals.

Check your data

Nowadays, there is a lot of illegitimately obtained user data which is available and sold on the dark web. An easy tool to find out whether your data has been compromised is www.haveibeenpwned.com. However, even when your information isn't mentioned on this website, it is still vital to remain cautious.

What can I do to prevent phishing?

Phishing attacks can cause serious harm to victims. However, there are several steps you can take to prevent phishing:

  • Keep your software up to date: Phishing attacks often exploit vulnerabilities in outdated software. It is imperative to regularly update your operating system, web browser, and other software to incorporate the latest security patches.
  • Use strong passwords: Generate robust and distinctive passwords for every account. Perhaps use a reliable password manager to store them. Steer clear of commonly used passwords, such as "123456" or "password" or something with your personal data like your name or date of birth in it.
  • Enable two-factor authentication: Two-factor authentication adds an extra layer of security. It requires a second form of verification, such as a code in a text message or using an authentication app on your phone.
  • Be cautious of unsolicited emails and messages: Phishing attacks often start with an unsolicited email or message. Be wary of any requests for personal information or links to unfamiliar websites. Emails claiming you have won a prize are also often used by phishers. If you are unsure, contact customer support to check if the email is legitimate.

Stay vigilant

In today's digital world, protecting yourself from phishing attacks is essential. By being vigilant and following the guidelines provided in this article, you can reduce the risk of falling victim to these scams. Stay informed, stay secure, and stay one step ahead of phishing threats.

The information provided in our articles is intended solely for general informational purposes and does not constitute (financial) advice.

Subscribe to our newsletter

Everything you need to know about Bitcoin, straight to your inbox. Subscribe now for the latest from Blockrise.