Recognizing and Avoiding Phishing


Phishing is a type of social engineering attack that is frequently used to obtain personal data, including identity, login credentials, account numbers, credit card details, and other important information inside your computer, cell phone, laptop, and other gadgets you have, and they can use your identity and make illegal bank transactions. Cybercriminals spread thousands of phishing attacks every day because, in their mind, this is a kind of easy money that they can only do for a living. It happens when an attacker targets a specific individual by sending an email message, direct message, text message, or posting through social media containing a message stating that they have won in the ruffle games, free load, or other attempt, but before that they need to click the link or open an attachment to receive their prizes. The recipient is being tricked into clicking a dangerous link, which can result in the installation of malware, the freezing of the system as part of a ransomware attack, or the disclosure of private data. After being tricked by cybercriminals, they finally steal your identity, digital money, and account’s password.

Types of Phishing

Spear Phishing

From the words it self, “Spear” is a kind of phishing where cybercriminals use email or other electronic communications to target a particular group or specific person, such as a company’s system administrator, human resources, secretary, and others. Cybercriminals want to access a targeted user’s computer, laptop, cell phone, and other gadgets with malware. It happens when the attacker is sending an email with a link, but it directs to a fake website that contains malware. To attract the recipients’ attention, cybercriminals use custom strategies, social engineering tactics, and other reliable sources to avoid being suspicious by the recipients.


Whaling is a more specialized form of phishing that targets whales, which are larger than fish in the ocean. In other words, these attacks frequently target a CEO, HR, or any high position within a sector or particular company using email. The company may be subject to legal repercussions, and you must click the link to learn more or to solve the problem, according to a whale email. The link directs you to a website where you must enter important information like the tax ID, bank account details, and other concerns regarding your confidential information.


Smishing is an attack that is carried out over text messaging or short message service (SMS). It is delivering a message by SMS to a cell phone that includes a clickable link, and it is a common phishing attack that spreads these days. It happens when an attacker sends an SMS to a cellphone that contains a message claiming that you are the winner of their lucky ruffle draw. They will ask you to click the link to claim the rewards, and it will direct you to the fake site, where they will ask you to fill in the necessary information like your Gcash account and PIN password or other digital account. In other cases, they will introduce themselves as the manager of your existing bank account and inform you that your account has been compromised or has any illegal transactions and that you must act immediately. They will ask you for your bank account number and, once they have what they need from you, the attacker will have access to your bank account and will transfer your money from within your bank account to their bank account or any other account they choose.


This attack is carried out by voice call. This is why the name contains the letter “V”. It happens when the attacker is calling a specific target, and they will introduce themselves as a Microsoft representative or other reliable company. You are informed by this person that they have found a virus on your computer. The attacker starts to ask for your credit card information in order to upgrade your computer’s antivirus program. Your credit card information is now in the hands of the attacker, and you most certainly have malware on your computer.

Email phishing

It is the most common phishing attack. These emails are sent by cybercriminals to any email address they can find. Typically, the email alerts you to the compromise of your account and requests that you respond immediately by clicking on a link. Once you click the link, they will attempt to steal your money, identify your credit card numbers by filling in your personal information and asking for your password.

Search Engine phishing

Cybercriminals want to appear in the first search bar using a search engine and they pretend to be any kind of website, such as Google, Kiwi browser, Firefox browser, Opera browser, or any browser that you have. It happens when you are taken to the hacker’s website by clicking on the link that is displayed by the search engine, and when you engage with the website or enter sensitive data, cybercriminals can use that information to steal your information, including your bank accounts, identify, and other relevant information that you have.

5 tips on How to Avoid Phishing Sites

  1. Keep Informed About Phishing Techniques

Make your own research to know more about your enemies, If you don’t keep up with these emerging phishing scams, you could become a victim. You can also watch the news to get more knowledge about Phishing scams.

  • Think Before You Click

This also helps you to deal with how to avoid phishing sites. It’s not advisable to click on links that appear on your website, in random emails, or in text messages without thinking and analyzing them. Before clicking on any links, you need to ask yourself first if it’s a fake website or not. Because cybercriminals spread thousands of fake websites and emails that claim to be from reliable companies or sources. After that, they will ask you to fill out the form, but your name might not be included, and that is suspicious, isn’t it? Because the majority of phishing emails will begin with “Dear Customer” and “Good Day”, you should therefore think more carefully if you encounter this one.

  • Install Antivirus Software

It helps you to protect your computer from any viruses or threats. Update your Antivirus software regularly to be sure that your computer is safe from different and innovation of new Phishing scam. Every file or software applications that is downloaded to your computer from the Internet is scanned by antivirus software. Your system is protected from harm as a result.

  • Use Two-Factor Authentication

One of the solutions to your questions on how to avoid phishing attacks is to ensure your username and password, log in information, identify and confidential information are safe from phishing attacks since it will ask you for confirmation when logging into sensitive applications such as fingerprint, face unlock, and PIN confirmation from your registered number.

  • Never give out your Personal Information

You should never share your private or confidential information online. It is okay to be selfish sometimes, especially when it comes to your digital account or any personal information that you have. Make it a habit to look up the website’s address. Every secure website begins with “https” and also the web design.

Meanwhile, If you intend to invest in and purchase a legitimate real estate property, BRIA Homes is suitable for you! BRIA Homes is the fastest growing mass housing developer in the Philippines. It is a subsidiary of Golden Bria Holdings, Inc. BRIA Homes caters to every Filipino families and Overseas Filipino Workers that’s suit to their preference with very affordable and reasonable price.

You may also read a related article from BRIA Homes- Where do these text scams come from? To help you to get more information and Text Scam awareness.