About phishing

December 26, 2023

ID 213015

Phishing is a type of Internet fraud involving the theft of personal data; phishing is propagated via email and other channels.

Emails can be fake notifications from banks, ISPs, online stores, electronic payment systems, or other entities. The emails attempt to trick the recipient into visiting the scammers' website under false pretenses, such as an invitation to update login information or to find out more about a product or service.

Unsuspecting recipients of a phishing email may follow the link and find themselves on a phishing website that looks exactly like the website of the company it purports to be.

Internet users can get to a phishing site in other ways, for example, by clicking on a link in search engine results.

Scammers can pursue a range of different goals. One of these goals is to trick users into disclosing their confidential data, such as logins, passwords to accounts or crypto wallets and other registration data, bank account numbers and banking card details. Users would enter this information into a web form on the fraudulent website, giving the scammers access to their money. Infection of the computer with viruses and malware is another trap a user might step into after clicking on a phishing link.

Recognizing fraudulent emails and websites

Fraudulent (phishing) emails and websites may not look suspicious at first glance. Company logos that look like the authentic ones, or actual contact phone numbers, may lull users into a false sense of security. The email may also contain links to the company's actual website, except for the main phishing link that would take the user to the criminals' website.

The following telltale signs of phishing may alert the user:

  • Though phishing website domains may look like legitimate companies' web domains, on closer inspection the user may notice extra words in the domain name (for example, a company's official domain www.example.com could be changed to www.login-example.com), or dots and dashes replacing slashes (www.example.com/personal/login could be changed to www.example.com.personal.login or www.example.com-personal.login). Please note that the email body may contain the company's actual domain address, but when the user clicks on the link, the browser's address bar will show a different domain.
  • The email uses an impersonal form of address, such as "Dear user," or "Hello".
  • Graphics in the email or on the website look unprofessional, or the text contains typos or bad grammar.
  • The email recipient is being asked to immediately verify their confidential data by following a link, or sometimes to enter their data in a form in the email body. The email may explain such urgency with alleged account suspension or hacking, or a threat of losing one's data.
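
The domain signs from the first item in the list above can be checked automatically for the links in an HTML email body. The following Python code is an added example, not Kaspersky's code or its detection logic; the trusted domain, the function names and the sample email are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "example.com"  # assumption: the company's official domain
SAMPLE = """<a href="http://www.example.com.personal.login/">www.example.com/personal/login</a>
<a href="https://www.login-example.com/">Verify now</a>
<a href="https://www.example.com/help">www.example.com/help</a>"""  # constructed email body

def host_of(value):  # host of a URL or of bare text like 'www.example.com/login'
    url = value if "://" in value else "http://" + value
    return (urlsplit(url).hostname or "").lower()

def lookalike_reason(host):
    """Name the telltale sign a host shows; None if trusted or unrelated."""
    if host == TRUSTED or host.endswith("." + TRUSTED):
        return None
    if re.search(re.escape(TRUSTED) + r"[.-]", host):    # www.example.com.personal.login
        return "trusted domain embedded in another host"
    if TRUSTED.split(".")[0] in re.split(r"[.-]", host):  # www.login-example.com
        return "brand name with extra words"

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # start a new link and reset its visible text
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def audit(html):
    """Return (target host, reason) findings for the links in an HTML email body."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target = host_of(href)
        shown = host_of(text) if re.fullmatch(r"\S+\.\S+", text) else ""
        if lookalike_reason(target):
            findings.append((target, lookalike_reason(target)))
        if shown and shown != target:  # address shown in the email differs from the real target
            findings.append((target, "link text shows " + shown))
    return findings
```

Calling audit(SAMPLE) reports the first two links and leaves the genuine www.example.com link alone.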

Phishing check

The Kaspersky application checks email and website contents for phishing links. Links are checked against a regularly updated database of phishing web addresses and fake cryptocurrency exchanges.

For additional protection, Kaspersky uses heuristic analysis and sends queries to the Kaspersky Security Network (KSN) cloud services during the check. Kaspersky Security Network contains the most up-to-date information about recently emerged threats, including phishing websites which have not yet been added to Kaspersky databases. The data received by the KSN is analyzed by Virus Lab employees in real time.

If you have clicked through to a phishing website, you can report it to Kaspersky Security Network using the Kaspersky Protection extension.
