Click XXXX to win a Vitara Brezza for INR 10,000!!
Your broking account funds are blocked. Click XXXX to update KYC.
Beware of frauds. Secure your credit card in 2 mins by clicking XXXX.
At least once or twice, in all the time that you have owned a mobile phone, you must have received a few messages not unlike the ones quoted above.
Before it dawns on you that such messages are potentially dangerous, you would have been almost tempted to click on them!
This is how Phishing works – it works on your mind to deceive and defraud you. Phishing messages give a false impression of urgency and alarm to attract attention and compel you to take a step that can only be destructive and dangerous.
Want to know how Phishing is used by cyber criminals? Here are a few scenarios:
- Someone in the guise of your broker might send you an Email or SMS which urgently requests you to update your KYC by clicking on a link. However, shortly after you click on the same, you realize that all your stock holdings have been sold, and some illiquid Option contracts have been bought into your account as well.
- Some cyber criminals can pretend to be Registered Investment Advisors (RIAs) and trick you into sharing your broking account credentials with them. As a result, you may lose all your investments in one go, and the cyber criminals could also use your funds to take loss-making investment decisions.
- Some cyber criminals might also use social engineering to hack into your email account forcibly if it is not protected with two-factor authentication (2FA) security. By obtaining email access, they can then reset your login credentials and hack into your other accounts too.
How to protect yourself from Phishing?
- Click with Caution: Go through your messages carefully before you proceed to click on any link contained in them. Some phishing messages also contain links to malware and other threats. RULE OF THUMB: Before clicking on any link, hover your cursor over it and look at the bottom-left of your screen for the full link. If the link looks suspicious, DO NOT CLICK on the same.
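- Use Encrypted Connections: When browsing the internet on your devices, make sure that there is a padlock symbol in your browser’s address bar, which indicates a secure, encrypted connection (HTTPS). Do not enter any private or other sensitive information on non-secure websites. The padlock only shows that the connection is encrypted; it does not prove that the website is genuine, so check the domain name in the address bar as well.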
- Post / Download Carefully: Your posts on public social media channels and other apps can be exposed to millions across the world and even reveal sensitive information. You should also refrain from downloading suspicious content or software which can contain malware. NOTE: What you post on the Internet remains there PERMANENTLY.
- Update Regularly: One way to secure your devices, operating systems, web browsers, and applications is to update them as regularly and frequently as possible. Updates often include security patches that protect them against known and unknown hazards.
- Check Contact Details: Make it a point to check the contact details of anyone who sends a suspicious-looking email or message. If they look false or made-up, it could mean that they are phishing messages.
- Read Carefully: A Phishing message would usually contain discernible errors in grammar, spelling and layout but some messages can look trustworthy too! Make sure that you read all messages carefully before taking any step.
With these practical and effective steps, you can secure your account against phishing and even other cyber security hazards.