Some months ago I recieved a notification in my other Facebook account, the notification came with a message prompting me to clink a link attached to it, out of curiosity, I clicked the link and was redirected to another site where I needed to login with my Facebook details before I could access the site. I filled in my login details without reading through the lines and that was how I lost my first Facebook account. Obviously I had clicked on a phishing mail ignorantly.
Phishing mails are malicious and decieving emails used by hackers to trick recipents into revealing sensitive, personal and important information such as passwords, pins, bank details, and other sensitive information which can used for malicious activities such as scamming, impersonation, hacking or even financial fraud.
Phishing mails are easy to trust because they appear to come through trusted sources such as government agencies, schools, and especially banks. But in reality they are not from these sources. What hackers usually do is to design websites to impersonate and look like genuine websites, then use them to send malicious messages to people in order to access sensitive information. For example, a hacker may create a website similar to a bank's website, using the logo, banner and even similar domain name, to be able to send phishing mails.
An example of such, is an email warning of an account breach or blocking. When people receive emails notifying them that their account is about to be blocked or blacklisted with the option to click on any link that comes with the emails, no doubt they will act quickly. Of course, no one wants their account to be blocked or blacklisted.
What makes these emails even more deceiving is that they often contain messages that has a sense of urgency and may instill fear in the recipient, making them to act quickly and without a second thought.
In order to protect sensitive information and maintain data integrity, it is important to cross-check and ensure that links and emails received are authentic and real before clicking on them or even entering sensitive information such as passwords and PINs.
Since banks, and other financial institutions are the main targets of impersonation, these institution frequently post warnings online, stating that banks, and other financial institutions will never text or call to ask an individual for personal data such as their password, PIN, account token or other sensitive details.
Additionally, the use of multi factor authentication is another way to keep these details and information safe from phishers and other potential attacks. Multi factor authentication also known as two-factor authentication (2FA) protects personal and sensitive data by adding an extra layer of security other than passwords and pins. Just as the name implies, users need a second factor other than passwords and pins which are the first factors to able to access an acount. This second factor can be fingerprints, facial recognition, voice recognition or even a one-time code or PIN which maybe sent either to a person's email or phone number as the case maybe. Here is an example of how it works:
Let's say I want to enable two-factor authentication for my Facebook account, I simply log in to my account through the Facebook app.
Once logged in to my account, I search for and locate the settings/privacy icon and then click on it. A drop-down menu appears with various options;
Choosing the account center option, another dropdown menu appears with options such as password security and personal information.
I click on the password and security option, which leads me to a new page where I can either change my password, enable 2FA authentication, or view login details.
Since I want to enable 2FA, I choose the two factor authentication option. I am then prompted to select my preferred method of receiving the second factor, which can be through SMS, an authenticator app, or email. I used my email. So, basically, each time I log in to a new device with my password, a code will be sent to my email or phone to verify that I am the one logging in to the new device or site.
Without the code, I won't be able to access my account, and that's just the beautiful aspect of it. So, if a hacker manages to get my Facebook password and phone number, they still need the second factor, which is the code sent to my email, to be able access my account.
Anti-malwares also helps with protecting sensitive information and data. Anti-malware are software programs designed to detect, prevent, and remove malware, from computer systems. By installing such software in the computer system or mobile phone, malwares such as phishing mails can be detected and removed.
I use the Avast free antivirus/malware software. As long as I have it installed and remain signed in, I get hacking alerts if any of my passwords leak online so I can change them quickly. Additionally, when logging in from a new browser, there is always the "allow browser to save password" option, so the next time I want to log in, I won't have to enter my password. Clicking this option means that the browser automatically stores my passwords, which may be prone to hacking or theft. The password protection feature protects such passwords from theft by adding an extra layer of protection.
The sensitive data shield feature, also protects my personal information and details from theft, hackers and phishers by also adding an extra layer of security.
Anti-malwares are very important for protecting computers and data from attacks. while there are many threats to digital identity and privacy, the ultimate goals is to protect digital identity and maintain integrity. checking the authenticity of an email, using two factor authentication and anti-malwares are practical ways to do so.
Credits: thumbnail from freepik
Divider: @fokusnow
Posted Using InLeo Alpha
Congratulations @ngobaby! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)
Your next target is to reach 8000 upvotes.
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOPOne time, Google informed me about my password being unsafe and known by many sites online, and that I should do something about it by changing it. It's this same Google that asks me to save my password for seamless logins. So I don't do that anymore—allow sites to save my passwords.
I also do 2FA now. In fact, I do multi-factor authentication on some others, too, like my Discord. Can't risk my accounts anymore.
I have links like all forms of links. I hate logging in to something. Sometimes just because I have log in , I just ignore whatever I have to do before I just don’t like it at all. And I’m also very self aware because of these scammers…. I think that’s even why I hate the links in the first place
I get it, logging into things all the time is annoying. Plus, with all the scams, it's smart to be careful. Maybe we can find a way to make this easier or use a password manager to help. Do you have any ideas to make it less annoying and safer?
I think changing your passwords every month or two