
Avoiding Phishing

October 27, 2021 · 7 minutes

What is phishing?

Phishing is when a fraudster pretends to be a reputable person or company and steals personal information to be used for financial crimes or identity theft. Phishing happens on social media, through email, over the phone, in pop-ups and in search engine results.

How does phishing work?

This classic scam illustrates how phishing works.

  1. You receive an email that pretends to be from your financial institution. It says there’s a problem with your account and has a link that looks like it’s from the institution’s website.
  2. You click the link to go to the website, and you’re presented with a login page. It looks like the institution’s official website, although the text and graphics may not be 100% accurate.
  3. You enter your username and password.
  4. You’ve been phished – thieves now have your online banking user ID and password. Now they can log in to your account, transfer money out, and steal more personal information.

Besides email, phishing can happen via cold calls, pop-ups, search results and social media.

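What is phone phishing?

This classic cold call phishing scam happens when “tech support” calls and claims to be from a reputable company (like Microsoft or Norton) and states that your computer has a problem. The criminal then asks you to install software on your computer, or to give them remote access to your computer.

If you install the software or give the caller remote access, you give the thief the opportunity to steal your money and personal information. Sometimes these scammers will even ask for payment to fix the problem.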

What are phishing pop-ups?

While browsing the internet, you might see pop-ups that tell you there’s something wrong with your computer, or that offer to “fix” or “scan” your computer. Often, you will see these when you’re searching for a related problem – for example, a pop-up that claims to have found a virus on your computer appears when you search for information about viruses.

Sometimes, the pop-ups look like they come from a legitimate source, such as Microsoft or Norton. If you click the pop-up, provide personal information, or download software, you may end up being phished.

Examine the message closely — look for obvious signs of fraud such as poor spelling, unprofessional images, and bad grammar. If there is a phone number in the pop-up, you can also do an internet search for that number to verify its legitimacy. In general, avoiding pop-ups is a good idea!

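How does phishing work with search engine results?

Fraudsters frequently use paid search results to advertise “support services”, cheap products, job opportunities or amazing deals. When you look at search results, watch out for the following: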

  1. Deals, discounts or giveaways that sound too good to be true. If you provide personal or financial information, you’ll lose your money or identity.
  2. Credit cards with very low interest rates from banks you’ve never heard of. These applications are usually just meant to steal your information.
  3. Job applications that require a lot of personal information. Online job searches can show fake job offers from companies that don’t exist – especially for work-from-home opportunities or too-good-to-be-true offers. The applications for these jobs will ask for personal information that an employer wouldn’t need to hire you.
  4. Websites that promise to scan your computer for problems or fix viruses. Although there are legitimate antivirus companies who offer services online, much of what you find in search results is fake companies that only want to steal your identity and money. Use caution before downloading anything!

How does phishing happen on social media?

From Facebook to LinkedIn, social media is full of phishing attacks.

  1. Advertisements on social media – especially for fake products or too-good-to-be-true prices – may be attempts to steal your credit card and personal information.
  2. Direct messages (DMs) may contain phishing attempts, especially if a friend’s or family member’s account has been compromised. Hacked social media accounts can be used to send phishing links through DMs, attempting to trick you into visiting malicious websites or downloading file attachments.

For example, a friend’s Twitter account that has been compromised might send you a direct message with a fake link to connect with them on LinkedIn. This link would direct you to a site that looks like the LinkedIn login page, but is actually a phishing site designed to steal your LinkedIn credentials.

  3. Fake customer support accounts are when scammers impersonate major brands such as Amazon, PayPal, or Samsung. Because many people are turning to Twitter or Facebook over traditional customer support channels, scammers are taking advantage of this.

For example, the Twitter handle @Amazon_Help might be used to impersonate the real support account @AmazonHelp. To make sure you are using the real customer support account, start looking for help on the company’s official website.

  • Spam comments often appear on trending content – they contain links to phishing sites that try to trick you into entering your personal information, such as the usernames and passwords of your online accounts. Be careful with any links you see in comments, and don’t ever log in to sites linked in comments.
  • Compromised accounts of friends can also be used to make posts that are phishing attempts. Because you know and trust the person making the post, you may be more inclined to trust the link. The post you’re looking at for a great electronics deal or travel sale may be legitimately posted by your friend – but know that social media accounts can be hacked, so don’t automatically trust every post you see.
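The @Amazon_Help versus @AmazonHelp impersonation described above can be checked mechanically. The following is an added example, not part of the original article: the allowlist, the function names, the confusable-character table and the distance threshold are assumptions, and the test handles other than the two named in the article are constructed.

```python
import re

# Assumption: official handles are collected from each company's own website,
# as the article advises. "AmazonHelp" is the real handle named in the article.
OFFICIAL_HANDLES = {"AmazonHelp"}

# Digits commonly swapped in for letters to make one handle resemble another.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(handle: str) -> str:
    """Comparison form of a handle: no '@', lowercase, no separators, digits folded."""
    h = handle.lstrip("@").lower()
    h = re.sub(r"[_\-.]", "", h)
    return h.translate(CONFUSABLES)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute) using two rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(handle: str, official=OFFICIAL_HANDLES, max_distance: int = 1) -> str:
    """Return 'official', 'lookalike' or 'unknown' for a support handle."""
    raw = handle.lstrip("@")
    # Handles are compared case-insensitively, so only an exact match is official.
    if raw.lower() in {o.lower() for o in official}:
        return "official"
    sk = skeleton(raw)
    for o in official:
        osk = skeleton(o)
        # Same skeleton, or one typo away from it, but not the real handle.
        if sk == osk or edit_distance(sk, osk) <= max_distance:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample handles, plus the two named in the article.
    for h in ["@AmazonHelp", "@Amazon_Help", "@Amaz0nHelp", "@AmazonHelpp", "@LocalBakery"]:
        print(h, "->", classify(h))
```

A "lookalike" result means the handle is not the official one but is close enough to be mistaken for it, which is exactly the case where help should be sought from the company’s official website instead.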

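How can you protect yourself from phishing?

There are many phishing scams, but you can protect yourself online if you remember these five practices: Refuse, Ignore, Verify, Exercise and Review.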

Refuse – Refuse to download software or provide remote access if there are phone calls about your computer asking for remote access – hang up, even if they mention a well-known company like Microsoft.

Ignore – Ignore suspicious text messages, close pop-ups, and avoid clicking on links or attachments in emails from people you don’t know – delete them instead.

Verify – Verify the identity of the contact (if you’re unsure about a message) through an independent source such as an online search, or by calling a known number. Do not use the contact details provided in the message that was sent to you!

Exercise – Exercise caution when shopping online. Be wary of offers that seem too good to be true, and always use online shopping services you know and trust. Think twice before using virtual currencies (like Bitcoin) or alternate payment methods (like prepaid debit cards or iTunes gift cards) — they do not have the same protections as other transaction methods.

Review – Review your privacy and security settings on social media. If you use social networking sites like Facebook, be careful who you connect with, and learn how to use your privacy and security settings to ensure you stay safe.

What should you do if you think you’ve been phished?

If you think you’ve been phished, take the following 4 steps to protect yourself.

  1. Change your passwords to your computer, to financial institutions, and to your online accounts. When you’re changing your financial institution and other online account passwords, do that using a different computer than the one you think you were phished on.
  2. Run a full system scan on the compromised computer using the built-in antivirus software (if the computer has it), or use software from a reputable company.
  3. Contact your financial institution to report that there has been potential fraud performed on your account.
  4. Consider asking the credit bureaus to place a fraud alert or credit freeze on your account – their contact information can be found on this page.
