What is Phishing? How does it affect me?
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and personal information for malicious and fraudulent use.
Phishing comes in many ways and forms, from emails and/or websites that look identical to the website you are familiar with, it is very important you always look out for signs of a phishing website.
How can I tell the difference between Rivalo and a phishing website?
- Check the Web address
Just because the address looks OK, don’t assume you’re on a legitimate site. Look in your browser’s URL bar for these signs that you may be on a phishing site.
- Incorrect company name.
Often the web address of a phishing site looks correct but actually contains a common misspelling of the company name or a character or symbol before or after the company name. Look for tricks such as substituting the number “1” for the letter “l” in a Web address (for example, www.rivalo33.com or or www.rivalaao5.com instead of www.rivalo5.com).
- Ensure its secure.
“https://” with an “s” at the start of the address indicates that it is secure.
A legitimate Rivalo page address starts with “https://”.
- Be aware of pop-ups.
Be careful if you are being sent to a website that immediately displays a pop-up window asking you to enter your username andpassword. Phishing scams may direct you to a legitimate website and you will not notice the difference (only the fact that you are not logged in after “logging in”)
- Look for the lock.
When a domain has been verified, it means that the people who are running the site have bought a certificate proving that they own the domain and it is not being spoofed. This may not be the best indicator that the site is secure, so it’s always wise to keep the other checks aswell in mind.
- Unofficial “From” address.
Look out for a sender’s email that is similar to, but not the same as, a company`s official email address. Fraudsters often sign up for free emails accounts with company names in them (such as “email@example.com”). These emails are meant to fool you, and often look official. Rivalo will always send from an “@rivalo.com” address. Be aware that not all Email Clients such as Thunderbird, Outlook or similar will check the Authenticity of an Email – Hackers can spoof the “from” Email-Address into showing the Sender as “firstname.lastname@example.org”, make sure you never give your credentials if you believe a site is not real – you can read more about it here
- Generic greeting
Fraudsters often send thousands of phishing emails at one time. They may have your email address, but they seldom have your name. Be skeptical of an email sent with a generic greeting such as “Dear Customer” or “Dear Member”. And if they do have your name, make sure to check the URL which lead to their site. Sometimes a URL can be formed in this way: http://www.rivalo.com.ui33gfofo.co/xyz/123/and since the beginning looks like “Rivalo” because of the www.rivalo.com, you might be tricked into giving your Details, be very careful with such sites!
- Link to a fake website
To trick you into disclosing your username and password, fraudsters often include a link to a fake website that looks like the actual sign-in page of a legitimate website. Just because it includes a company’s logo or looks like the real page does not mean it is! Logos and the appearance of legitimate web sites are easy to copy.