Recently, you may have seen a message from a page called Social Network Registry Corporation. It typically (incorrectly) informs a page that they’ve been violating Facebook or another social media platform’s policies. The organisation will ask you to verify your account ‘for security reasons'.
This is nothing but a phishing attack. Do not take any notice of these pages. Block them. It may even be worth informing your colleagues of what to look out for, so that you can all stay safe online.
Phishing attacks are a type of social engineering strike that’s primarily used to steal a user’s data—such as their credit card number and/or login details. The phishing communication will appear to come from a trusted person or organisation, such as your bank or a gas company. With this trust, they will try to make the user click a link…this will install malware on their computer, or it will lead to a page that encourages them to input their personal details.
Often, these scams appear quite obvious to tech-savvy people, but that’s not to say that every phishing attack is easy to spot. If something seems off, the chances are it will be a suspect message; always go with your gut feeling. Companies will never ask for your details over the phone or via email, so keep this in mind and never give out your passwords or personal information in this manner.
Phishing attempts can often look slightly ‘off’, they’re commonly misspelt, or they may use an email address that—whilst similar to the company’s they’re trying to imitate—will obviously be wrong. They’ll also use words like urgent, must and immediately to try and convey a sense of panic within you, so that you don’t think too much about clicking the link they provide or furnishing them with your information.
Unfortunately, sometimes, these attacks will be successful. As soon as you realise you’ve fallen victim to a phishing attack, you should do the following:
Write down as many details as you can remember—as soon as possible. In particular, try and note the information the communication asked for, e.g. usernames, passwords and personal details you might have shared
Change the passwords on any of your affected accounts as soon as possible. Should you use the same password on other ‘unaffected’ accounts, change these too. Passwords should be unique from account to account
Consider setting up two-step verification. This tool effectively protects against phishing attacks; even if you do share your password, there’s more information the criminal would need to fully access your account
If an attack occurs at work or school, you should tell your I.T. support team immediately, so that they can handle the fallout appropriately
If phishing criminals manage to steal money from you, or you become a victim of identity theft, report this to the police. Give them as many details as possible
Remember, if something feels off, the chances are it will be. Always do your research and never open links from unknown sources.
Comments