About phishing

May 30, 2022

ID 213015

Phishing is a type of Internet fraud involving the theft of personal data. It is propagated via email and other channels.

Emails can be fake notifications from banks, ISPs, online stores, electronic payment systems, or other entities. The emails attempt to trick the recipient into visiting the scammers' website under false pretenses, such as an invitation to update login information or to find out more about a product or service.

Unsuspecting recipients of a phishing email may follow the link and find themselves on a phishing website that looks exactly like the website of the company it purports to be.

Scammers can pursue a range of different goals. One of them is to trick users into disclosing their confidential data, such as various credentials, bank account numbers and banking card details. Users would enter this information into a web form on the fraudulent website, giving the scammers access to their money. Infecting computers with viruses and malware is another trap a user might step into after clicking on a phishing link.

Recognizing fraudulent emails and websites

Fraudulent (phishing) emails and websites may not look suspicious at first glance. Inclusion of company logos that look like the authentic ones or actual contact phone numbers may lull users into a false sense of security. The email may also contain links to the company's actual website, except for the main phishing link that would take the user to the criminals' website.

The following telltale signs of phishing may alert the user:

  • Though phishing website domains may look like actual legitimate companies' web domains, on closer inspection the user may notice extra words in the domain name (for example, a company's official domain www.example.com could be changed to www.login-example.com), or dots and dashes replacing slashes (www.example.com/personal/login could be changed to www.example.com.personal.login or www.example.com-personal.login). Please note that the email body may contain the company's actual domain address, but when the user clicks on the link, the browser's address bar will show a different domain.
  • The email is using an impersonal form of address, such as "Dear user," or "Hello".
  • Graphics in the email or on the website look unprofessional, or the text contains typos or bad grammar.
  • The email recipient is being asked to immediately verify their confidential data by following a link, or sometimes to enter their data in a form in the email body. The email may explain such urgency with alleged account suspension or hacking, or a threat of losing one's data.
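
The domain signs in the first item above can be checked mechanically. The following is an added example, not Kaspersky's code and not how the Kaspersky application performs its check; the names OFFICIAL, link_reason, LinkCollector and audit_email are hypothetical, and the sample email body is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

OFFICIAL = "example.com"  # assumption: the company's real domain

def host_of(url):
    """Lower-cased hostname of a URL; a scheme is assumed when missing."""
    return (urlsplit(url if "://" in url else "http://" + url).hostname or "").rstrip(".")

def link_reason(href, text="", official=OFFICIAL):
    """Say why a link looks like phishing against `official`, or return None."""
    host = host_of(href)
    if not host or host == official or host.endswith("." + official):
        return None  # the real domain or one of its subdomains
    brand = official.split(".")[0]
    if official + "." in host or official + "-" in host:
        return "official domain embedded in another host"  # dots/dashes for slashes
    if any(brand in label and label != brand for label in host.split(".")):
        return "extra words around the brand name"  # www.login-example.com
    return "link text shows the official domain, target differs" if official in text.lower() else None

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit_email(html, official=OFFICIAL):
    """Return (text, href, reason) for each suspicious link."""
    collector = LinkCollector()
    collector.feed(html)
    checked = ((t, h, link_reason(h, t, official)) for t, h in collector.links)
    return [item for item in checked if item[2]]

# Constructed sample email body (not from a real message).
SAMPLE = """<a href="http://www.example.com.personal.login/">www.example.com/personal/login</a>
<a href="https://www.login-example.com/">Sign in</a>
<a href="https://www.example.com/help">Help</a>
<a href="https://phish.invalid/x">www.example.com</a>"""
```

Calling audit_email(SAMPLE) reports three of the four links; the link to www.example.com/help passes because its host is a subdomain of the official domain.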

Phishing check

The Kaspersky application checks email and website contents for phishing and malicious links. Links are checked against a database of web addresses that have been identified by Kaspersky experts as malicious or phishing. Databases of phishing/malicious web addresses are updated on a regular basis.

For additional protection, Kaspersky uses heuristic analysis and sends queries to the Kaspersky Security Network (KSN) cloud services during the check. Kaspersky Security Network contains the most up-to-date information about recently emerged threats, including phishing and malicious websites which have not yet been added to Kaspersky databases. The data received by the KSN is analyzed by Virus Lab employees in real time.

If you have clicked through to a phishing website, you can report it to Kaspersky Security Network using the Kaspersky Protection extension.
