How to save yourself from falling into the “phishing trap”?

When we hear the word Phishing, what image do we visualize exactly? Don’t we see a fisherman, sitting with a fishing stick to trap fishes? Yes, we do.

Oh! I think I’ve made a small mistake. I wrote “Phishing” instead of “Fishing”. But was it really a mistake that was made? No. I’ve written it deliberately. But why?

Phishing is a thing which is actually the same as fishing, though not literally. In “Fishing”, a fisherman makes TRAPs for fishes to get trapped and here Dodgers prepare TRAPs for users to get trapped. The only difference is in the techniques. Formally phishing is mainly a cybercrime. It is a fraudulent attempt of getting personal and sensitive information like passwords, pin codes, debit and credit card details by cloning oneself as a trustable entity in electronic communication like Gmail, telephone or text messages.

TRAP

As mentioned above, we are also trapped by the TRAPs. If you think that it was a sarcastic comment, then let us get you a clear picture as to what we meant by it.

Let us be aware of the TRAP:

T – Tab nabbing

It is a kind of phishing attack and computer exploitation that persuades users to submit their login details along with passwords to renowned websites by impersonating those sites along with convincing the user that the site is authentic. 

R – Redirection (Covert Redirection)

Redirection refers to Covert Redirection. It is a subtle procedure to perform phishing attacks that make links appear legitimate but actually redirecting it to a forger’s or attacker’s account.

A – Adulteration (Website Forgery)

The word “Adulteration” means Forgery. This refers to Website Forgery. Some forgers can use JavaScript commands in order to change the address bar of the website they lead to. This is performed either by placing an image of a legitimate URL over the address bar or by eliminating the original bar and opening up a new one with the legitimate URL. 

P – Pageant (Clone Phishing)

The pageant is the synonym to clone or disguise. It is a type of phishing attack where phishing takes place through emails. It is a type where a legitimate and pre-delivered email containing an attachment or link which has its content and recipient address(es) taken and used to prepare an almost identical or cloned email. 

Consequences

As you are quite aware of the TRAP, now we can easily get into its consequences. 

We are quite aware of the term OTP, right? We are also aware of its full form and what OTP means. It’s a One-Time Password. But presently, it defines something else. Its present abbreviation is Officially Trapping People. Maybe it sounds ridiculous but this is the actual fact. 

OTP (One-Time Password) is considered an effective deterrent against cybercriminals trying to extort money from the bank through online transactions. 

There are many such cases where criminals fooled customers and forced them to reveal their OTP, accessed it by android hacking or learned how to hack OTP of other mobile numbers. But now, they found another way of looting. They request your bank to change your phone number linked with a bank account. A cybercriminal can smartly walk into the bank, impersonate you, request a change in the registered number and use the connection to receive the OTP. Impersonation is a quick and simple process to carry out an OTP theft. 

A resident of Janakpuri in Delhi has been duped by a criminal, who was victimized by losing Rs11.5 lakh from his current account recently by impersonation, according to a TOI report.

Police informed on August 31, that two persons arrived at the bank and one of them impersonated the account holder. They requested alteration in the registered number and fill in the prescribed form. After registering the new one, they carried out online transfers from the victim’s account using the OTPs sent to the new mobile number. They withdrew Rs11.5 lakh and transferred to six different accounts held in a bank in Dwarka and then further withdrawn through ATMs and cheques. After the crime was committed, they just switched their number off. 

There is another way of OTP theft. Criminals can dupe a bank customer by contacting the mobile operator with fake identity proof and get a mimicked SIM card. When the operator deactivates the original SIM, the criminal generates OTP on the new number and conducts online transactions and this is how to hack OTP of other mobile numbers.

Conclusion

It is becoming impossible day by day for banks and the government to take preventive measures and make the customers aware of such transactions. If you’re now aware of what OTP means (Officially Trapping People), kindly take precautionary measures. Don’t give your personal and sensitive details to anyone. Don’t fall for a better opportunity and don’t get trapped into the TRAP of the fraudsters.

TIKAJ’s Anti-phishing service will help secure your intangible treasure.