Stay Safe Online

Detect phishing links and protect your digital identity

Scroll to explore
Recent Scans

What is Phishing?

Understanding the threat that targets millions daily

Definition

Phishing is a cyber attack where fraudsters impersonate legitimate organizations to steal sensitive information like passwords, credit cards, and personal data through deceptive emails, texts, or websites.

Scale of the Problem

Over 3.4 billion phishing emails are sent daily. Companies lose an average of $1.6 million per phishing attack. More than 90% of data breaches start with phishing.

Common Types

Email Phishing: Fake emails mimicking banks or services
Spear Phishing: Targeted attacks on specific individuals
Clone Phishing: Replicas of legitimate websites

Red Flags to Watch

Learn to identify suspicious signs before it's too late

1

Suspicious URLs

Check the domain name carefully. "amaz0n.com" or "goggle.com" instead of the real ones are dead giveaways.

❌ https://am@zon-secure.com/login ✅ https://www.amazon.com/login
2

Urgent Language

"Your account will be closed in 24 hours" or "Verify immediately" creates panic and makes you act without thinking.

3

Generic Greetings

"Dear Customer" instead of your name is a sign. Legitimate companies use your actual name.

4

Requests for Personal Info

Banks never ask for passwords, SSN, or credit cards via email. If they do, it's 100% a scam.

5

Poor Grammar & Spelling

Professional companies proofread. Lots of typos and grammar errors? It's likely phishing.

6

Suspicious Attachments

Unexpected files (.exe, .zip, etc.) can contain malware. Don't download from unknown sources.

7

Mismatched Links

Hover over links to see the actual URL. If it doesn't match the text shown, don't click it.

8

Too Good to Be True

"You won a prize you didn't enter" or "Claim your free money" - these are classic phishing tactics.

How to Protect Yourself

Practical steps to stay safe from phishing attacks

Use Strong Passwords

  • At least 12 characters long
  • Mix uppercase, lowercase, numbers & symbols
  • Unique for each account
  • Use a password manager (Bitwarden, 1Password)

Enable 2FA / MFA

  • Two-Factor Authentication adds a second layer
  • Use authenticator apps (Google Authenticator, Authy)
  • Avoid SMS 2FA if possible (can be intercepted)
  • Enable on email, banking, social media accounts

Verify Before Acting

  • Don't click links in suspicious emails
  • Go directly to the website by typing the URL
  • Call the company using a known number
  • Ask colleagues if they received similar emails

Keep Systems Updated

  • Update OS regularly (Windows, macOS, Linux)
  • Update all applications and browsers
  • Install security patches immediately
  • Use reputable antivirus software

Use Email Filters

  • Enable spam filters in your email client
  • Mark phishing emails as spam/phishing
  • Use browser extensions (e.g., Bitdefender TrafficLight)
  • Be cautious of emails from new senders

Think Before You Click

  • Stop and think before clicking any link
  • Hover over links to see actual URL
  • Check sender email address carefully
  • Never download unexpected attachments

Monitor Your Accounts

  • Check bank statements regularly
  • Monitor credit reports (annual free check)
  • Set up account alerts for suspicious activity
  • Use identity theft protection services

Report & Share

  • Report phishing emails to the company
  • Forward suspicious emails to Anti-Phishing WG
  • Report to CERT-In at www.cert-in.org.in
  • Educate friends and family about risks

If You've Been Phished

Immediate steps to minimize damage

1

Change Your Password Immediately

Change the password for the compromised account and any other accounts using similar passwords. Do this from a different device if possible.

2

Enable 2FA/MFA

If not already enabled, activate two-factor authentication on all accounts, especially email and banking.

3

Monitor for Fraud

Check credit card and bank statements for unauthorized transactions. Consider placing a fraud alert with credit bureaus.

4

Run Security Scan

Scan your device with reputable antivirus software to detect and remove any malware installed by phishing links.

5

Notify Relevant Services

Contact your bank, email provider, and any other affected services. They can help secure your account and monitor for unauthorized access.

6

Report to Authorities

Report the incident to CERT-In (www.cert-in.org.in), cybercrime.gov.in, your local police, and I4C. Keep documentation of all communications.

Phishing Statistics

The growing threat of phishing attacks worldwide

3.4B+

Phishing emails sent daily

90%

Data breaches start with phishing

$1.6M

Avg loss per attack

1 in 101

Emails are phishing attacks