The development and use of the advanced technologies and customer services brings numerous benefits, but at the same time the risk of abuse is increasing and the service users are facing potentially dangerous electronic content. Various Internet fraud attempts are happening on a daily basis, and therefore care needs to be taken to protect personal data from ending up in “wrong hands” and causing damage to users.
One of the most frequent forms of fraud is “phishing”. Most often, it is the act of sending e-mails from a false e-mail address in an attempt to manipulate the user and scam the user into submitting private information such as user names, passwords, PINs, credit card details and other personal and confidential information. By acquisition of such personal information, phishers create the opportunity to achieve material gain, which could cause many problems to users whose data have been compromised.
Besides e-mails, other communications channels can also be the target of phishing attacks, e.g. instant messages (ICQ, Skype), social networks etc.
Hrvatski Telekom pays special attention to the safety of its customers, offering various forms of Internet protection, like firewalls, anti-virus and anti-spam protection. However, regardless of the implemented protection technology, the use of Internet services requires additional caution and attention of users. Therefore, the priority is to accomplish security in the use of Internet services in accordance with their development trends, by means of education and raising the public awareness.
If they receive suspicious e-mails, we recommend our customers under no circumstances to provide their personal information, not to follow the links or open the attachments contained in such e-mail, unless they are absolutely sure who sent them.
In the case of receipt of suspicious e-mail, our customers can report such mail to: abuse@t.ht.hr
How to Recognize Phishing E-Mail?
- Grammatical errors: Phishing e-mails often contain grammatical errors, because the persons sending them do not spend as much time to correct them as the legitimate companies and they frequently use automatic translation tools (e.g. Google translator). The phishing messages generally look very unprofessional, especially if written in Croatian.
- False links: The links in phishing messages often do not match the URL (the address referenced by the link). Never follow the links in suspicious messages. Instead, place your cursor over the link for a couple of seconds without clicking on it, because with the majority of modern e-mail programs the actual address where the link is going to take you will appear in the bottom of the window or above the cursor.
- Threats or rewards In order to motivate the user to do what they want s/he is instructed in the phishing message, phishers frequently use threats or rewards. Examples of threats include closing of the user account, service cancellation or even some legal consequences. The rewards most frequently include money (lottery money, gifts, tax return, etc.).
- Using the identity of legitimate companies or institutions: Phishing messages often seem to be sent by recognized companies, Internet services or other government and international bodies. The false address of the sender ("From" tab) and the visual identity (logo, font, etc.) are only some of the techniques used to deceive the user. Since widely known legitimate companies and institutions never ask for the personal information in this way, it is easy to recognize a fraud.
- Program warnings: Modern e-mail programs and web browsers (e.g. Internet Explorer, Firefox, Chrome) have installed mechanisms for identification of fraudulent content. When opening a message or visiting a web page, the program can display to the user a security warning in the case of potential phishing or any other kind of threat. Even though they are very useful, such mechanisms are not perfect and it is not advisable to fully rely on them.