IT Blog

Security

Phishing

Mark the date, today is 11.01.2021. By the time you read this article around 6,791,308 phishing has been submitted (Phish Tank). And this is only going to increase hence this article is here to guide you to your safety.

What is phishing?

Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment.

What statistics show?

83% of organizations said they experienced phishing attacks last year.

Phishing was the third most common type of scam reported to the FBI regardless of company size, industry, or location.

97% of people cannot identify a phishing scam.

An analysis of more than 55 million emails reveals that one in every 99 emails is a phishing attack.

Approximately 15 billion spam emails are sent daily; 45% of all email is spam (and some researchers believe that number to be closer to 75%.

30% of phishing messages are opened.

More than 71% of targeted attacks involve the use of spear phishing.

How to prevent phishing ?

The best way to prevent phishing identification of the phishing hook. You can educate yourself to identify phishing hook by attending seminars and other sources on the internet. There are many examples to go through. 

There also are a number of steps you can take and mindsets you should get into that will keep you from becoming a Fish, including:

  • Always check the spelling of the URLs in email links before you click or enter sensitive information
  • Watch out for URL redirects, where you’re subtly sent to a different website with an identical design
  • If you receive an email from a source you know but it seems suspicious, contact that source with a new email, rather than just hitting reply
  • Don’t post personal data, like your birthday, vacation plans, or your address or phone number, publicly on social media

If you work in your company’s IT security department, you can implement proactive measures to protect the organization, including:

  • “Sandboxing” inbound email, checking the safety of each link a user clicks
  • Inspecting and analyzing web traffic
  • Pen-testing your organization to find weak spots and use the results to educate employees
  • Rewarding good behavior, perhaps by showcasing a “catch of the day” if someone spots a phishing email

How to whitelist your website once your website is blacklisted as a phishing threat?

Once your website is blacklisted by any of the security engines then your site will be blocked which is quite common, It’s to secure your website and other users who visit your website from the same threat.

Steps to follow once your website is blacklisted

  1. First, you have to clean your website and remove the malware.
  2. Secondly, you have to identify the security engines that blacklisted your website. For that, you visit websites like sucuri,hetric tools, etc. 
  3. Then you have to manually request the removal of your website from the blacklist. Most of the engines take a few hours to remove your site from their database.
  4.  Wait for the process then happily enjoy your website.

If you need any assistants with your company’s phishing problem, you can always contact us.

Leave a Reply

Your email address will not be published. Required fields are marked *