What is phishing and how to avoid it?

Cover Image for What is phishing and how to avoid it?
Sharon Brizinov

What is phishing and how to avoid it?

Phishing is a type of cyber attack in which attackers use deceitful tactics to trick individuals into providing sensitive information, such as usernames, passwords, or financial details. The attackers often pose as trustworthy entities, such as banks, government agencies, or legitimate businesses, to manipulate the victims into divulging their confidential information. Phishing attacks commonly occur through email, but they can also happen through other communication channels like text messages, social media, or phone calls.

To avoid falling victim to phishing attacks, consider the following tips:

  • Be Skeptical of Unsolicited SMS and Emails: If you receive an unexpected email or SMS requesting sensitive information or urging you to click on a link, be cautious. Verify the legitimacy of the sender before taking any action.

  • Check URLs: Examine the sender's email address or phone number in case of an SMS and verify that it matches the official communication channels of the supposed organization. You can use to verify the legitimacy of embedded links.

  • Verify Requests for Sensitive Information: If you receive a request for sensitive information, whether through email, phone, or other channels, independently verify the legitimacy of the request by contacting the organization directly using official contact information.

  • Be Cautious on Social Media: Be mindful of the information you share on social media platforms, as attackers may use publicly available data to craft more convincing phishing attempts.

  • Keep Personal Information Private: Avoid sharing sensitive information unnecessarily. Be cautious about what details you provide online and who you share them with.

  • By staying vigilant, verifying requests for sensitive information, and adopting good cybersecurity practices, you can significantly reduce the risk of falling victim to phishing attacks.

What is smishing and how to avoid it?

Smishing, a portmanteau of "SMS" (Short Message Service) and "phishing," is a type of cyber attack where attackers use text messages (SMS or MMS) to trick individuals into divulging sensitive information or taking certain actions, similar to traditional phishing attacks conducted via email. Smishing messages often contain malicious links or ask recipients to respond with personal information.

To avoid falling victim to smishing attacks, consider the following precautions:

  • Be Skeptical of Unsolicited Messages: Just as with email phishing, be cautious about unexpected text messages, especially those that ask for personal or financial information.

  • Verify the Sender: Confirm the legitimacy of the sender before responding to any messages. Use official contact information from the organization or individual purportedly sending the message.

  • Do Not Click on Suspicious Links: Avoid clicking on links in text messages unless you are certain of their legitimacy. You can use to verify the legitimacy of embedded links.

  • Check the Message Content: Be wary of messages that create a sense of urgency, pressure you to take immediate action, or seem too good to be true. These are common tactics used in smishing attacks.

  • Avoid Sharing Personal Information: Refrain from sharing sensitive information, such as passwords or financial details, in response to unsolicited messages. Legitimate organizations typically do not request such information via text.

  • Report Suspicious Messages: If you receive a suspicious text message, report it to to help prevent the spread of smishing campaigns.

  • By remaining vigilant, verifying message authenticity, and practicing good security habits, you can reduce the risk of falling prey to smishing attacks and better protect your personal information.