HTTPS-Encrypted Phishing Scams and How to Avoid Them
As if mainstream phishing wasn’t bad enough, phishers have upped their game. Yes! You read that right! Phishing scams have entered a new era of popularity over the net. Hackers and cyber-criminals are now using legitimate-looking websites to con people out of their personal information and compromise their security of their finances. With this massive surge in conning sites over the web, the real question you have to ask yourself is how you can ensure that the site you are visiting is legitimate and not an internet scam? To understand the latest generation of internet scammers, let us first look at what has prompted them to adopt this new approach.
How Conventional Phishing Scams Work
Phishing scams have existed on the internet ever since the dawn of online commerce. There is no shortage of people looking to swindle people out of their money. As technology has grown, so have the number of people engaged actively in running these scams. The result of this is that first companies started using encryption to protect their data, and then the private person started doing the same.
Most conventional phishing scams work the same way as a regular con. They trick you into believing something like an arbitrary change of passwords or an account deactivation. They take you into their confidence and make you reveal sensitive information about yourself, most often your finances.
Online phishing scams have traditionally used emails to make their cons. A phishing scam email will most often have a link that will take you to a website where you will be asked to enter personal details like your bank account number or ATM pin code or credit card info. People who fall for these scams often find their accounts cleared out and being left high and dry.
What Has Been Done to Prevent Phishing Scams
Encryption is one of the most basic kinds of security and people used to ensure that the websites they visited were encrypted. In recent years, many prominent internet security companies have pushed for a safer internet by promoting and advocating high-end encryption protocols like HTTPS. For those who don’t know, the S at the end of this HTTPS means that the site is encrypted and provides a basic level of security.
This was expected to lead to a significant decline in phishing scams, hacks and other malware installation across the internet. However, as is the case with opportunistic people who harbor malicious intent toward others, phishers have used it to their advantage.
Nowadays, it is quite possible for phishers to fake an HTTPS and green padlock encryption on their phishing page and con people into revealing their personal information. In the past few months, there has been a spurt in phishing scam incidences where people have been conned out of large amounts of money.
Why Is This Happening?
The reason why this is happening is that when people see an HTTPS encryption, they automatically think that the site is legitimate and secure, and don’t think twice before entering their personal information. While it is true that most HTTPS sites are in fact real and authentic businesses, there is a chance that you can come across a phishing site posing as a real business. This is a scary situation.
There is no doubt that HTTPS has made the internet a lot safer and provided at least a basic level of protection to businesses and their clients. However, this does not mean that any site with the green padlock is completely secure and you should trust it blindly. The green padlock movement, which was initially begun to help legitimate businesses protect their users’ data, has now been hijacked by phishing scammers. If you don’t stay wary of scams, there is a big chance that you will fall prey to a phishing scam and lose a lot of money.
How Can I Protect Myself Against Phishing Scams?
Any scam, including phishing scams, is a con or confidence trick. The victim is taken into confidence, made to believe that the service that is being offered is necessary and coaxed into revealing sensitive information.
With the advent of the internet, con men (and women) have found a new platform for running a virtually innumerable number of cons potentially across the entire world. Consequently, a lot of software tools have also been developed to protect people from phishing scams and generally keep a user’s personal information safe.
Most major antiviruses like Norton, McAfee, Avast etc. have anti-spamware and malware protection. Modern browsers like Chrome, Firefox etc. also have an inbuilt system which warns a user that a particular site is not safe to visit. However, there is literally nothing to protect you from your own self. If you decide to enter your personal information on a suspect website, then nothing can prevent your private info from becoming public.
So the first and foremost line of defense is your own self. Here are some signs of a phishing scam and how you can avoid falling prey to them:
- Never respond to emails linking you to an unknown site.
- Your bank will never ask for your personal info through any medium, be it online or through the phone.
- Before you decide to comply with any email, check its source.
- Use reliable antivirus software with multiple protection covers.
- Check your online accounts once every 10 to 15 days.
- Never reveal personal info to even eCommerce sites like Amazon, eBay. Once they have that info, the hackers and scammers can easily retrieve your personal info by backtracking previous transactions.
- Finally, use a VPN for truly secure browsing and data protection through encryption. This may not be the ultimate security, but it is as close as current technology can get.
With phishing scams on the rise, it is wise to safeguard against them and stay up with the latest forms of scams being deployed. Be sure to keep your personal data safe and never reveal it to anyone in any way.