How to secure yourself from online event phishing links?
Online communities and the things around them are growing. It’s becoming a trend. The flexibility and convenience are more. But these event calendars are being misused to attack online users and steal data. They are being used for phishing people. So this blog post is to make you aware of which event invite is a phishing scheme and which one is safe to open to accept the invitation. Use these four pointers to see if it’s legitimate. Is the source of the invitation legit? A sudden surprising invite from your favorite brand or an event organizer isn’t all hoax since most of the small and local businesses along with the corporates are using online invitations especially posts covid as an accessible way to invite people to their events. It’s easy to navigate from home, but it doesn’t mean you delete it. But make sure the sender is a verified or legit sender address before accepting an invite or even thinking about clicking the link. Alternatively, make sure that it actually came from that particular business. Try to recall if you ever subscribed or signed up for membership at their venue, store, or website. Then go and online search for that event, if the event is legit it should be posted somewhere on the company website or some event organizer like Eventbrite and more. If you cannot find anything then the invitation is indeed fake and report the email before you mark and delete it as spam. Furthermore, you can reach out to the company using the phone or email given on their contact us page on their website and ask if there’s such an event and they would be more than happy to tell you about it. Also, if you are always known to go to these events then you would be familiar with the emails or invites you receive from this sender address. 2. Secure your device Securing your device is one other way to stay protected. So make sure your computer’s antivirus software and a network firewall are up-to-date or at least turned on. This software helps to block spam or malicious links, emails, and attacks that are about to take place on the device if you happen to end up clicking the link anyway. It’s okay to invest in antivirus software as some of them also offer backup protection and protection from ransomware too. There isn’t that latest of at least technology of antivirus pieces for mobiles and tablets but it’s good to at least have downloaded some basic ones. Since it will help to have that additional layer of security to protect you and your data. When you continue to open the link, the network is protected from any sort of threat when you click the link to RSVP for that invitation. 3. Giving your personal information Phishing emails/invites look legit and that’s the whole reason why we even fall for this stuff in the first place. Hackers and cybercriminals have mastered this art of deceiving and know very well how to copy the model of emails and SMS or for that matter any similar-looking thing to get you to click the link in the first place. They even make use of Google calendars, Gmail, and other sites to make it seem as real as possible. They sneak them into our inboxes. The way the email looks doesn’t have to make it legit. The sender will more or less always ask for some kind of personal information. Do not give any personal information at all. In case, if you think the event is legit and they request personal information then it’s always advised to contact them yourself via the event page or website and give them those details instead of falling into this trap. 4. Look at the URL before proceeding Most of the time the URL itself will help you make it clear if that URL is even legit or not. All the brand and event or corporate invites start with their domain name and then an extension of the rest of the things. Usually, popular domains and HTTPS are protected by Google Crawlers, and hence phishing the main site would last for barely 5-10 minutes at max before it’s taken down on hosting sites. Didn’t understand a thing? well, don’t worry. I do cover this in upcoming blog posts but for now, just know that popular sites cannot be replicated so check for the legit domain name before the extension link. Additionally, hover over the link to see the hidden URL (if any). It helps to re-evaluate the site destination address. Something to keep an eye out for is to see if the URL is shortened from a site like TinyURL or bit.ly or other 3rd party sites. When you click on the link, does it take you to the expected site? Sometimes if the ending is some random extension like .doc or .exe then abort the process. There’s another way, even if you are most careful about all the things. Hackers can redirect you to another site with tons of pop-ups or aggressive downloads and more. There’s also something called link checker and it can sound too much to click on some random link but if you are especially clicking on something related to a bank or similar things then it’s better to be super safe. Link checkers help keep the spam scores of the link and also tell if any files were downloaded in the background when clicked on it. Worst case scenario you already have your device and network protected, you can mid-way stop the attack. So, I am curious what happens when I click the spam link? Good question, lol as if I am gonna give you grades for asking the right set of questions. Anyway, Your personal information can be collected that’s saved on your browser and on your device Random virus files and browser extensions may be downloaded in the background without giving permission to…
Read more