SKMM

MADUNET

We identify the type of attacks and malware coming into Malaysian network

SKMM

Anti-Phishing

Did you know?

Tips Keselamatan ICT
Memuat turun muzik yang dilindungi hak milik tanpa membayarnya adalah menyalahi undang-undang.

Tips Keselamatan ICT
Gunakan laman web yang biasa digunakan oleh rakan anda atau yang biasa dikenali.

Tips Keselamatan ICT
Gunakan mekanisme pembayaran dengan selamat.

Tips Keselamatan ICT
Gunakan kad kredit, ia biasanya dilindungi daripada penipuan.

Tips Keselamatan ICT
Fikir sebelum anda membuka e-mel. Adakah saya mengenali orang ini?

Tips Keselamatan ICT
Adakah tajuk e-mel ini masuk akal? Jika tidak, jangan buka.

Tips Keselamatan ICT
Halakan tetikus pada pautan untuk melihat alamat laman web (URL). Jika URL tersebut berbeza daripada jangkaan anda, jangan klik padanya.

Tips Keselamatan ICT
Laporkan spam dan virus kepada SKMM/MCMC, MyCERT, ISP, orang dewasa atau polis.

Tips Keselamatan ICT
Ingat anda tidak wajib membuka e-mel, jika ia penting dan anda memadamnya , orang tersebut akan menghubungi anda semula.

SKMM ANTI-PHISHING

"Phishing is a fraudulent attempt, usually made through email to steal your personal information!"

Phishing emails usually appear to come from a well-known organization and ask for your personal information such as credit card number, account number or password. Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account.

A short 2-3 minute video could save you $$$ ! Please take some time to listen to the easy things you can do to avoid getting phished!

In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email. (PhishTank)

Protecting yourself from being a victim of phishing websites

  • Don't click on links in email.
  • Start using OpenDNS.
  • Upgrade your Web browser now.
  • Don't install anything until you have checked with your IT administrator or someone knowledgeable.
  • Verify the return address is a valid one.
  • If you didn't initiate a transaction to which an email is referring, it's probably a scam.
  • Don't send people money, no matter how convincing their request is.
  • Internet fraud is huge and the likelihood is that the sad tale you are told is totally made-up.
  • Avoid buying normally pricey items on line. If the offer seems to good to be true it probably is a scam.

Method of Phishing

  • Customer receives a fraudulent e-mail seemingly from a legitimate Internet address.
  • Advises the customer to Click on the hyperlink which directs the customer to a fake web site.
  • Fake web site looks similar to the genuine Bank's website.
  • Usually the email will either promise a reward on compliance or warn of an impending penalty on a non compliance.
  • Customer provides personal details in good faith.
  • Clicks on 'submit' button, but web page displays an error message. It is an indication that it is a phishing attack.

How to spot Phishing?

How good are you at spotting Phishing? Click HERE to find out. Fraudulent websites and emails look authentic with corporate logos and layouts that identical to the genuine websites.

Victims may get attracted to reply or to follow the instruction and provide them with personal information that supposed to be kept secret.

What should you do to avoid being a victim

You should never respond to any emails that:-

  • Requires you to enter personal information directly into the e-mail or submit them online.
  • Threatens to close or suspend your accounts if you do not respond.
  • Claims that your account has been compromised.
  • Requests you to enter, validate or verify your account information.
  • States that there are unauthorized charges on your account and requests your account information.
  • Claims that the bank has lost important security information and needs you to update your information online.
  • Requires you to enter your card number, password, user ID or account numbers into an email.