Skip to main content

Best Practices to Avoid the Phishing Attacks

In my previous article, I posted about the phishing attacks and different types of phishing attacks. On this article, I will write about the best practices that will help us to control the phishing. Phishing can be prevented somehow if we do follow best practices for anti-phishing. Some of the best practices for anti-phishing are listed below.

Maintaining Firewall & IDs
It is mandatory to maintain proper security infrastructure by installing and maintaining firewall and intrusion detection system. It should also provide security against malware.
Awareness
Awareness is one of the major things that we need to mitigate the phishing attack. New Intel Security study demonstrates that 97% of individuals can’t recognize phishing messages. Therefore, it is very important to make people aware of phishing.
Updating Web Browser
The web browser is one of the application software where users spend most of their time online, therefore, it must be regularly updated, and security patches must be applied.
Limiting the Information on Email
Personal and financial credential information must never be enclosed in an email and awareness must be practiced for this so that user would know what information they can share in email and what they can't.
Don't Click on Suspicious Link
Suspicious links on email must always be ignored and it should never be clicked.
Reporting Suspicious Activity
Malicious emails and the malicious link must be reported to the appropriate authority and be submitted to the phishing listings like phishtank so that other people will know about it.
Monitoring Logs
Logs from firewalls and intrusion detection systems must be regularly monitored so that any suspicious behavior can be detected.

Popular posts from this blog

Why should we stop using SMS-based two-factor authentication?

 Today, securing an application is challenging as attackers are becoming increasingly sophisticated. A proper authentication system plays a significant role in application security, as, without one, the app’s vulnerability could allow a malicious person to gain unauthorized access. Poorly configured authentication systems and human error are the most common reasons for data breaches. Therefore, to address this issue, the concept of two-factor authentication (2FA) or multifactor authentication is applied. In addition to user ID and password, 2FA requires users to input a temporary code unique to them to verify their identity. This creates an extra layer of security by adding one more element to the authentication process. If a user’s login credentials are compromised, malicious actors won’t be able to access the resources since they would need to have both the login credentials and the 2FA code.  One of the most widely used methods of 2FA is an SMS-based code, where the user needs to en
Read more

Five Ways to Get Rid of Cryptojacking Malware

Cryptojacking is a growing threat in 2018 and there are several ways to prevent this threat. Few of the methods to prevent this emerging online threat are discussed below. Installing browsing extension Most of the crypto mining malware works from the web browser so we can stop that malware by installing a browser extension. There are few browser extensions like ublock origin & Malwarebytes that will help to block any cryptojacking scripts. If we have these extensions installed on the browser, they will automatically stop those scripts from running on the browser which will prevent the browser from running the mining code. Those extensions are available for free and they regularly update their signature. Since they will automatically filter the mining codes we don’t need to check them manually. Therefore, installing a proper extension will help to get rid of cryptojacking malware. Installing only trusted applications Another big source of crypto mining malware is untrusted ap
Read more

What is Ransomware & How to Prevent it?

Hackers are looking for a new and easier way to make money by entering on other people's system and ransomware is one of the tools they use to make money by locking the computer of people and organization. In my previous article, I discussed cryptojacking malware and why it is a big threat to information security. On that article, you can read how and why bad guys are injecting code on people's computer to make money from that. Ransomware is another major threat to cyberspace that I would like to discuss this article. What is ransomware? Ransomware is a software that is designed to block access to any system, files or operating system until we pay a certain amount to the attacker. Most of the time the attacker will encrypt the files of the computer and they will provide the key to decrypt only after paying the amount they are demanding. Most of the ransomware attack will give very limited time to the victim to pay the demanded amount and if they fail to decrypt it within th
Read more