A few tricks to avoid the ‘Phishing’ trap

Phishing is a technique that scammers use to obtain personal information by posing to be from a legitimate source. As a result, there are many people who fall for phishing emails. We regularly update this blog with details about fraudulent emails that attempt to phish for information, but now we would like to tell readers how to identify fraudulent URLs that could be from potentially malicious parties.

Fake emails generally create a sense of panic and urgency and implore readers to act immediately. Our first piece of advice is to never click on a link provided in a suspicious email. Visit the official website instead. Never copy and paste such links blindly.

Fake RBI phishing page

Here are some more tips to spot fake links or URLs:

  • Hover the mouse over a link before you click. This will reveal the real destination address in case it is a masked link.
  • Beware of the @ sign in the URL as all browsers ignore characters that appear before the sign. For instance, the URL “www.google@wooder.com” will not take you to a Google webpage.
  • Check the spelling of the URL carefully. Scammers sometimes change a single character to try and trick victims. For instance, many people will feel at first glance that “www.micorsoft.com” is the same as “www.microsoft.com”.
  • Check if the URL of the page you are directed to is the same as that mentioned in the email.
  • Read the link properly. For instance, the URL “www.apple.com.wooder.com” will not take you to the official Apple website.
  • Ensure that the link does not start with an IP address. For instance, “https://198.162.256.56/wood/index.htm” is the kind of link that you must never trust.
  • There are several services online which shorten URLs to cater to character count limitations. To avoid falling for fake shortened URLs you should use a service like “www.longurl.org” which reverses the process to show you the real destination.
  • On another note, it is also advisable to not download any suspicious attachments. If it is necessary, you must download and scan them separately.

The following table from the Anti-Phishing Working Group (APWG) provides some troubling information. According to them, there were at least 83,083 unique phishing attacks worldwide in 190 top-level domains (TLDs) in the second half of 2011. The attacks used 50,298 unique domain names.

Phishing stats for 2010-11

Additionally, here’s how you can spot an authentic URL:

  • Check the salutation. Genuine emails will address you in a personal manner (either with a username or an account number).
  • Genuine URLs will have SSL (Secure Socket Layer) security. This can be spotted by reading the URL and finding the term “https”.
  • Genuine URLs will have a lock symbol at the bottom right corner of the screen or in the address bar right before the URL. This signifies the digital certificate and you can click on this symbol and check authentication information.

Padlock and https

We strongly suggest that you make use of the best anti-spam software like Quick Heal Internet Security on your machine. This will provide you with real-time protection against constant threats and ensure that your computer never falls victim to malicious phishing emails. Even if you accidentally open a malicious URL, a strong antivirus will detect threats as soon as they appear on your machine.

Rahul Thadani

Rahul Thadani

Follow @

Subscribe
Notify of
guest
19 Comments
Inline Feedbacks
View all comments
Akshay Chaturvedi
Akshay Chaturvedi
8 years ago

is it necessary to use QH internet security since i am using QH total security and almost every day i receive 2 or 3 spams

Razak Ahmed
Razak Ahmed
8 years ago

Thanks for the Updated……..

SAURAV BANERJEE
SAURAV BANERJEE
8 years ago

THANK YOU SO MUCH,I ALWAYS SAY TO PEOPLE THAT QUICK HEAL IS THE BEST,THANK’S

Elana
Elana
8 years ago

Appreciate your lastly speaking regarding A few tricks to avoid the

ANUP BHATTACHERJEE
ANUP BHATTACHERJEE
8 years ago

Thank you very much for the Write-up on Phishing, it is helpful in many aspect and helps to enhance the knowledge about the present day scenario in the world of Internet.
Thanking again.
Sincerely Anup.

Alok Mukherjee
Alok Mukherjee
8 years ago

It is beyond doubt that your writeup about fishing will broaden the knowledge of internet users, thnks

Dr. Saral Kumar Mitra
Dr. Saral Kumar Mitra
8 years ago

Today I almost opened a phising URL and was timely intercepted by QH internet security.It is your excellent technology that saved me from falling
pray to a phising E-mai. Thanks.

Kanishk Singh
Kanishk Singh
8 years ago

Hello Rahul Sir,

After Reading Your Post,I have one question.Quick Heal Being an Anti-Virus Company and Promising users to secure their PCs don’t have a HTTPS Verified Site.What if this Site is meant for Hacking Purposes? Why isn’t your Blog’s Identity not Verified? And the Connection of the Users is not encrypted.I even visited the Official Site of QH but that site also has no verification certificate.

Can You Please Tell Me Why?

-Kanishk Singh.

Kanishk Singh
Kanishk Singh
8 years ago
Reply to  Rahul Thadani

Thank you Sir,Your reply has resolved my question.But I would like to know that if I visit “https://www.google.co.in/”, Even though I don’t have to enter any sensitive information there like any id or password,why does that have the term HTTPS in it and has a Lock Icon before it?

Kanishk Singh
Kanishk Singh
8 years ago
Reply to  Rahul Thadani

Thank You Sir for your valuable reply,it helped me greatly.

Manasa
Manasa
7 years ago

My QH internet security does not stop advertisement websites from opening all by themselves.how do i stop it?

Manasa
Manasa
7 years ago

And how to set QH to run automatically?

Tushar
Tushar
7 years ago

thnks to rahul sir.. for ur infrmantion… i am a quick heal customer.. and i think dat ur information will getting me much awareness for surfing internet.. thnks again…

satish kamble
satish kamble
5 years ago

thanks for the information realy helpful one

19
0
Would love your thoughts, please comment.x
()
x