Phishing Is About a “Deadly Scam” Africans and Much Distinguished Are Losing Their Hard Earned Money to it And How You Can Protect Yourself.
Some days back, I saw a post about someone who lost millions of naira via her account with one of the popular providing digital wallets around the nation.
Much distinguished are blaming the owners of those digital wallet providers.
Well, I’m not here to take sides.
Very often, many people lose money to fraudsters via their bank account or digital wallets.
In most cases, these losses occur due to the fact that many people are ignorant and lackadaisical about a type of deadly scam method known as Phishing.
So, what is Phishing?
This is Wikipedia’s definition:
Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, and credit card details, by disguising oneself as a trustworthy entity in an electronic communication.
I will explain better.
Phishing is how elaborate online fraudsters start their operation.
They start by sending you an email, instant message, or text message that is disguised as if it is coming from your email provider, your bank, a social media platform, the government, or an authority site.
If you are internet savvy, you might easily identify this when it is done by amateurs.
But when done by professionals, many people (even well-educated CEOs) easily fall for it.
Phishing emails and text messages often trick you into clicking on a link or opening an attachment.
They may say they’ve noticed some suspicious activity or log-in attempts
– Claim there’s a problem with your account or your payment information
– Say you must confirm some personal information
– Include a fake invoice
– Want you to click on a link to make a payment
– Say you’re eligible to register for a government benefit
– Offer a coupon for free stuff
Here is a common example:
Let’s say you use GTB or some of the banks you use.
You may receive an un-ideal looking email from GTBank (Fake to be precise) like the image above.
The purpose of the email is to get you to do either of two things.
(1) Click a link
(2) Download an innocent-looking document
If you click on the link, you will be redirected to a website that looks exactly like GTBank where you will be asked to provide some important pieces of information about yourself…
like your password, PIN, BVN, etc.
They probably won’t ask for it directly.
E.g. To get your password, they can tell you to change your password.
Once you supply those details, Hey Friend!
They got you.
In many cases, you won’t even know you have exposed your details to scammers.
That is the easy one.
The second format is trickier.
This is the one where you are told to download an innocent-looking document like a tax receipt, an invoice, or a bank statement.
These files can be in Jpeg, Png, Pdf, HTML, or zip formats.
But the file you are downloading, in this case, isn’t a normal document.
It is a hacking document (known as a keylogger) that collects all the passwords you type with your keyboard and sends it to the scammers who own the file.
With that information, they can easily log into your email box, your social media accounts, your bank accounts, etc
I only used an EMAIL instance for illustration purposes and because it is the most common.
Again, the phishing messages can be sent to you via social media DMs, Instant messages, Whatsapp, text messages, etc
The majority of people who lose the money in their digital wallets or bank accounts have mistakenly been exposed to phishing one time or the other without being aware.
For instance, scammers could have gotten access to the login information for your bank account 3 months ago and just waiting till when you have good money in the account before they strike.
So, How Can You Protect Yourself?
1. The first thing you should do is to activate what is known as “Second-factor authentication” for your emails, social media accounts, Whatsapp, and every other platform where you need to log in.
Second-factor authentication is a two-step verification process in which you provide two different authentication factors to verify yourself before you can access your account.
The first verification is your login details (e.g username and password)
The second verification is a code sent to your email address or phone number.
I prefer receiving the code as a text message though. This is okay in case your email isn’t secure.
Don’t say it won’t happen to you.
Activate 2 steps verification otherwise known as two or second-factor authentication on all your accounts within the next 24 hours.
Just do a search on Google for “How to activate two-step verification or second-factor authentication for Whatsapp/Twitter/Yahoo/Gmail etc” or sign up here to get our direct guide on how to be internet savvy.
2. Do not click any link or download any document coming from a bank, government, etc for any reason.
If you want to change your password or download your account statement or do anything, browse to the website of the bank or organization.
Anytime you are doing this, always ensure that there is a padlock showing on your browser which signifies you are on a secured site.
If your browser warns you that your information might be shared with a third party, close the window immediately.
Then try again on a different browser or try again later.
3. Use good security software on your computer – The majority of people don’t use security software on their computers and that is a shame.
You are just putting yourself out there as prey to scammers.
There is very powerful security software that helps you to deal with old or new security threats.
There are many of them out there.
Just don’t use free security software.
Even if it looks safe, just don’t.
The truth is there are bad people out there on the internet.
It is simple wisdom to protect yourself.
I hope this helps.
