Cybercriminals love to use these phony look-alike login pages to steal your credentials and access sensitive information.
Here’s a popular phishing scenario: You receive an email with a link. The link takes you to a phony login page with the name and logo of a legitimate website. Once you submit your username and password, the information is sent straight to the bad guys. Cybercriminals love to use these phony look-alike login pages to steal your credentials and access sensitive information.
Now cybercriminals have developed a way to make look-alike pages even more convincing. Scammers use a special tool to automatically display your organization’s name and logo on the phony login page. They can even use this tool to populate your email address in the corresponding login field. This creates a false sense of security because many legitimate websites remember your username if you have logged in previously.
While this is an advanced attack, you can still stay safe by practicing the tips below:
- Never click a link in an email that you were not expecting.
- Remember that any site, brand, or service can be spoofed.
- When you’re asked to log in to an account or online service, navigate to the official website and log in. That way, you can ensure you’re logging in to the real site and not a phony look-alike.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.
