Phishing is real!

3840476 2 scaled 1
We’ve all heard of the word phishing but have never really paid attention to it. If it hasn’t happened to me or my business I don’t worry, guess what, we are all in danger.
3840476 2 scaled 1

Phishing explained

Phishing is a fraudulent act in which an attacker acquires sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.

The Internet is a network of computers filled with valuable data, so there are many security mechanisms in place to protect that data, but there’s a weakest link: the human. If the user freely gives away their personal data or access to their computer, it’s much harder for security mechanisms to protect their data and devices.

phishing attack is an attempt to trick a user into divulging their private information.

phishing attack
A phisher puts out some tempting bait, a persuasive website. If the user bites, then the phisher can reel in some tasty private information.

An example attack

A phishing attack typically starts with an email that claims to be from a legitimate website, like a banking website or online store:

example attack
An email that claims to be from PayPal

The goal of the email is to obtain private data from the user, so it either asks the recipient to reply with personal information or it links to a website that looks remarkably like the original site:

A website that claims to be a PayPal login screen

Signs of a phishing attack

Fortunately, there are some tell-tale signs of phishing scams.

Suspicious email address

Phishing emails will often come from addresses at domains that don’t belong to the legitimate company.

Email looks like it's from PayPal but is actually from

Conversely, a legitimate email address is not a guarantee that an email is 100% safe. Attackers might have figured out a way to spoof the legitimate email address or hacked their way into control over the actual email.

Suspicious URL

Phishing emails will often link to a website with a URL that looks legitimate but is actually a website controlled by the attacker.

URL has "paypal" in it, but isn't PayPal's actual domain.

In terms of section 75 of the Electronic Communications and Transactions Act (“the Act”) Mubvumela Corporation has designated the Internet Service Providers’ Association (ISPA) as an agent to receive notifications of infringements as defined in Section 77 of the Act.

Internet Service Providers’ Association (ISPA)

Address: PO Box 518, Noordwyk, 1687
Telephone: 010 500 1200
Take-down notice email: