'I Got Phished' Promises to Notify the Victims of Phishing Scams

If most of your work tasks are performed online, you probably encounter phishing emails from time to time. Everyone knows (at least in theory) that they need to avoid phishing, but sometimes it is hard to tell phishing emails and genuine emails apart. There are also countless news articles and blog entries out there that try to educate people about phishing scams. We have an entry here as well. But despite all that, people are still getting duped by cybercriminals.

Although prevention is very important when it comes to protecting your business and your personal information from phishing scams, we have to think about mitigation, too. The truth is that people often don’t realize that they’ve become victims of a phishing attack. Recognizing this is especially vital if cybercriminals use phishing to target your business. Thus, to alleviate the burden at least a little bit, the non-profit organization Abuse.ch is rolling out a new “I Got Phished” notification feature. This feature is supposed to notify businesses when they become victims of a phishing attack.

Where does I Got Phished get their data?

So, how can I Got Phished actually tell that you have become a phishing scam victim? Well, according to the FAQ section on the I Got Phished website, the service is able to provide you with comprehensive information on phishing attacks because it relies on third-party researchers. The service does not generate phishing data itself. Instead, it collects information from the researchers who submit phishing-related data.

At the same time, I Got Phished points out that the project does not review the data submitted by the researchers, and it cannot check whether the data is accurate or not. So, it all depends on the trust between the service and the researchers who look into phishing incidents worldwide. This kind of data collection shows that the service cannot ensure that it will be able to notify businesses of all the potential phishing scams in the world, and there's a limit to how much one can trust such services.

At the same time, we have to remember that information on phishing and similar cybercrime attacks has always depended on sharing and user involvement. There are quite a few researchers out there that tap into this out of sheer interest, curiosity, and because it’s their hobby. Thus, whenever you might be considering signing up to some anti-phishing service, you have to keep in mind that every service has its limits.

How do I get the “I Got Phished” notification?

When you decide to register your domain name for the service, “I Got Phished” notifications are allegedly sent to a common service mail address that you can choose when you sign up. You also have to confirm that you are the owner of the registered domain so that you can receive the information about phishing scams.

I Got Phished also points out that you cannot register your email for this service if you are an individual user. That is because only domain names are accepted for this service, and the phishing reports are based on domain names and not on individual email addresses.

What’s more, the service points out the differences between I Got Phished and HaveIBeenPwned. You’ve probably heard of the latter before. So, the main difference is that HaveIBeenPwned notifies individual email address owners if their email was compromised. I Got Phished focuses solely on notifying corporate security representatives, and it focuses on battling phishing scams within corporate domains. In other words, if I Got Phished finds your domain within its internal phishing database, it will alert your security representatives about the potential security breach.

For some, it might seem that I Got Phished offers a very limited service, but businesses worldwide are still suffering from phishing attacks. Admittedly, these attacks affect even the biggest companies out there, so if this service can rein in the proliferation of phishing scam campaigns, it would clearly save a lot of time and money for all.

What are the main cybersecurity measures against phishing attacks?

Researchers unanimously agree that password strength and multiple authentication methods should mitigate the phishing threats that multiple companies experience every day. Perhaps you are willing to create your own passwords at home (which is not recommended, by the way), but at work, you should leave it to a reliable password manager that creates and stores all the passwords you need to use at work for you.

Also, multiple authentication methods refer to two-factor authentication or multi-factor authentication. That’s when you need more than just your password to access a service or an account. Security experts say that deploying two-factor authentication should protect corporate accounts from phishing attacks. Of course, it doesn’t mean that multi-factor authentication is an impenetrable wall. There are phishing toolkits out there that help cybercriminals to bypass the multiple authentication layers. However, not everyone is geared up for that, and you shouldn’t take your chances if you want to protect your business from severe data theft.

If a phishing attack is successful, you have to change login credentials across your company as soon as possible. If one employee account was compromised, start with renewing passwords for that account without any further delay. Again, this is where password managers become useful. You can generate new and unique passwords for compromised accounts without too much difficulty, at the same time storing them safely encrypted in the password manager's vault.

So, what can we take from this? If you’re running a business and you have a corporate email domain, you might want to sign up for the phishing scam monitoring service offered by Abuse.ch. If you register, your security representatives can receive the “I Got Phished” notification that alerts them to a potential security breach within your company. Since phishing attacks are still a big problem for businesses around the globe, this service should mitigate the potential damage. Finally, do not forget the basic security measures that can stop cybercriminals from reaching your business via phishing attacks. Use strong passwords to protect your services and deploy multi-factor authentication today.

March 30, 2020