Many dangers await us on the internet, where we are not separated for almost a day. “Users need to be conscious and vigilant to protect themselves from these methods that cybercriminals use to achieve their goals,” said Saim Hatipoglu, a Master Mathematician who has recently warned against phishing site fraud.
Phishing sites, which are usually created by imitating a legitimate website, aim to obtain individuals' personal information, credentials, financial account information or other sensitive data. Istanbul Gelisim University Faculty of Engineering and Architecture, Department of Software Engineering Res. Asst. Saim Hatipoğlu: “Phishing attacks are one of the most common methods for cybercriminals to achieve their goals and cause billions of dollars in damage every year.” Phishing ites are designed to be exact copies of trusted and widely used sites, such as banks, e-commerce sites, or social media platforms. The purpose of these sites is to attract the attention of users and make them think that they are on a legitimate site.”
“Scammers imitate official sites with letter errors”
Stating that phishing sites use a domain name that is very similar to the original site's URL, Res. Asst. Hatipoğlu also added: “The URLs used often contain lowercase errors, extra characters, or extension differences (e.g., www.bankassi.com instead of www.bankasi.com). This may indicate that a site is fake. Users should carefully examine the URLs of the sites they visit and compare them with known URLs. A significant number of phishing sites show a lack of security certificates or use fake certificates. Legitimate sites usually start with the "https://" protocol and are indicated by the lock icon in the browser. However, the existence of this symbol alone is not enough, because fake sites can also use HTTPS.”
"Unknown links should not be clicked"
Although phishing sites try to mimic the design and content of the original site, they can often contain low-quality images, inconsistent spelling mistakes, and language mistakes. Such inconsistencies should be an alarm for users. Users should manually type the URL into the browser or log in to the site through reliable search engines to access a site. Clicking on links that come directly via email or message can put users at risk. Users should also be careful about suspicious emails and messages. Phishing attacks are usually done via email or SMS. It is significant that users do not click on links in emails from people they do not know in order to be protected from such attacks.”
"Different and strong passwords should be used for each site"
Stating that using browser add-ons and security software that protect against phishing attacks can significantly reduce the risk of users, Res. Asst. Saim Hatipoğlu, “Using different and strong passwords for each site ensures the security of users' credentials. Password managers can make this process safer and easier. Using different and strong passwords for each site is also one of the important steps to ensure the security of users' credentials. Password managers can make this process safer and easier.”
“Reliable VPN usage can improve password security”
Stating that there are some basic security steps for individuals to protect themselves against phishing site fraud, Res. Asst. Saim Hatipoğlu concluded his words as follows: “Public Wi-Fi networks are more vulnerable to cyber attacks. Therefore, it is recommended that users use secure and encrypted connections. Moreover, encrypting internet traffic using a reliable VPN can improve users' security. But not all VPN services are equally secure. Untrusted VPNs can monitor users' traffic or use it for malicious purposes. This can make users more vulnerable to phishing sites. Therefore, it is recommended that users only use known and trusted VPN services. ”