The tutorial introduces what is phishing and how to protect your account from it.
1. What is phishing?
A phishing scam refers to the criminal activity where lawbreakers trick someone into giving away sensitive personal information such as his username, password, credit card, and ID card details, by masquerading as some others. They claim themselves as official staff, operating staff, customer service, or Internet administrators in an attempt to defraud the victim’s trust.
2. Phishing’s routes of transmission
Via virus Lawbreakers clone a website resembling Bexplus’ website, and send the fake website to clients’ computers via some viruses, spams, and so on; or place the fake website on search engines to treat users to log in, for the purpose of stealing their account password, trading information or even capital, etc.
Via SMS Lawbreakers disguise themselves as Bexplus staff to send scam messages to users, asking users to log in to the designated website to make authentication, under an excuse that they have won a prize in a lottery or that their accounts have been stolen. The fake website is established for users’ information by those lawbreakers, so once users log in to that website and operate on it, their account, password, or other information will be divulged to the lawbreakers.
Via establishing fake websites Lawbreakers establish a fake website first and then publish false activities on the website. If users are lured by the activities and log in to that fake website, their account and password will be divulged to lawbreakers.
Via an email address faked as the official one Lawbreakers send a lot of fraudulent emails to temper users to log in to a fake website under excuses like winning a prize in a lottery or system upgrading. The receiver is required to click the website in the email to log in to a page resembling Bexplus website. Once the user types his account, password, or other information on the designated page, his information will be stolen.
- Use Chrome browser that is comparatively secure, and update it to the highest version;
Note: Chrome is one of Google’s products, whose security is wide-recognized. Updating to the highest version is under the consideration that low versions contain lots of loopholes.
- Do not install browser plug-ins optionally;
Note: Browser plug-ins, with high power, possess the risk of being hacked, as demonstrated by "the loophole in Chrome’s User-Agent Switcher".
- Do not click untrusted links, nor enter your Bexplus account password and personal information, in case of being hacked by phishing websites or cyber Trojans;
- Install antivirus software, and termly detect and kill viruses for your computer and phone;
- Update system patches on schedule;
- Do not give the verification code from official sources to others;
- When you log in or perform trading-related operations, please confirm whether the domain name belongs to Bexplus, and you are allowed to consult customer service for an unknown one.