Phishing: How to be protected against this cyber threat?

Phishing is a method of internet fraud through which attackers attempt to gain access to victims' personal or financial information by posing as trusted entities. Attackers typically use fake emails, messages, or websites to trick users into giving-up sensitive data, such as credit card numbers, passwords, or personal information.

In a phishing attack, fraudsters send a message that looks like it comes from a trusted source, such as your bank, an online service, or a company you use frequently. The message often contains a link that takes you to a fake page that looks similar to the original page and asks you to provide your personal information.

Common phishing examples:

• Email from the bank: An email that looks like it's from your bank and asks you to update your password or account information.
• Urgent messages: A message alerting you to an important problem and requiring you to take quick action, such as your account getting closed, if you don't provide further information.
• Great Offers: An email or message that offers you a great gift or discount if you click on a link and provide your information.
  

How to recognize a phishing email?

To protect yourself from phishing, it is important to know how to identify a fake email or message. Below are some of the signs to look out for:

The email is unexpected and urgent
If you receive a message unexpectedly and are asked to act immediately by clicking on a link or providing personal information, proceed with caution. Phishing frequently uses a sense of urgency to persuade you to act quickly and without thinking.

The email address does not seem reliable

Check the sender's address. Fraudsters frequently use email addresses that appear to be official but have minor errors such as changes in the domain name (e.g., @raiffaisenkosovo.com instead of @raiffeisen-kosovo.com).

Grammatical and spelling errors
Many phishing emails have obvious grammar or spelling errors. This is a sign that the email was not sent from an official source.

Personal information is required
No trustworthy institution will ask you to share passwords, credit card numbers, or other sensitive data through email or text.

How to protect yourself from phishing?

• Don't click on links from unknown sources - If you receive an email asking you to click a link, avoid clicking it. Instead, go directly to the official website of the company or service through your browser and check the information there.
• Check the URL address. If you click a link, check the URL address carefully. Fraudulent sites often have URLs that are very similar to the real ones, but with minor changes, such as unusual additions or letter substitutions.
• Use two-factor authentication (2FA) - enabling two-factor authentication for your online accounts adds a layer of security, making it harder for fraudsters to get into your accounts, even if they get your password.
• Install an antivirus program - an up-to-date antivirus can help protect your computer from malware distributed through phishing attacks. These programs can often detect and block fraudulent sites before you make a mistake.
• Report phishing - if you think you've received a phishing email, report it to the institution or company the email is trying to impersonate. This helps prevent further spread of scams.
  

What to do if you have fallen prey to phishing?
If you believe you have provided sensitive information through a phishing attack, take the following steps immediately:

• Change passwords for accounts that may have been compromised.
• Notify the relevant bank or institution if you have shared financial information.
• Monitor your accounts for any unusual activity.
• Use an antivirus scanner to ensure your device is not infected with malware.
  

Phishing is one of the most common internet security threats, but you can protect yourself with a few simple steps. By being cautious and knowing the warning signs of a phishing attack, you can maintain your online safety and protect your personal information. 

Please be aware that our official communication channels are only through phone numbers: 038/222-222 and 049/222-222, as well as through our official domain: raiffeisen-kosovo.com.

If you receive any calls, messages, or emails that appear to be from these numbers or from our domain, but you have doubts about their authenticity, please stop communicating immediately, do not share any personal or sensitive information, and notify us immediately.