In general, read all messages carefully no matter who they appear to come from and scrutinise all websites no matter how familiar they seem.
Here are some warning signs to watch out for -
1. Overly general language: Be wary of messages that seem to come from Iryasa, but open with vague statements.
2. Alarmist or overexcited tone: Watch out for time-sensitive requests that try to scare you into acting without thinking. For example, we won't ever send you a message such as this: We've had a catastrophic server failure. Respond with your username and password in the next 24 hours or you'll lose access to your account permanently.
3. URLs that don’t look right
Phishing attempts can include URLs that appear legitimate if you don't look too closely. Many phishing attempts use URLs that have been deliberately chosen to resemble a URL that you're already familiar with. For example, the real URL directs you to our site at the domain iryasa.com and the phony URL directs you to a malicious site at the iryasa-com-skincare.net which is likely owned by attackers/criminals.
4. Make sure your connection to any website uses HTTPS
When you open any link where you could be asked to enter a username and password or other sensitive data, check that a lock icon appears beside the URL in your browser. The lock icon tells you that the connection to the site is encrypted using the HTTPS protocol. URLs for encrypted connections start with https:// rather than http://. Connections that use http:// send data in plain text, meaning it can be intercepted en route and read.
5. Only open attachments or links that you expect
Don’t interact with attachments, links, or forms unless you are expecting them and know what they contain. Not only can they redirect you to a malicious site designed to steal your information, but they can also infect your device with malware. When link text is a URL, make sure that it matches the URL in the link itself. For example, a link written out as https://support.iryasa.com in the body of an email might direct you to a phishing page at another URL.
6. Be careful with public wi-fi
Public wi-fi is convenient when you're on the go, but it provides many different ways for criminals to gain access to your information. You can reduce your risks by taking steps to protect yourself and your data.
- Verify hotspot names: An attacker can create their own unencrypted wi-fi hotspot that is named like a reputable one in the same area, such as the network in a coffee shop. If you connect to the phishing hotspot, the attacker can direct you to their own page, where you can be exposed to malware or asked to enter private information. Before connecting, make sure that the hotspot you plan to use is legitimate. If you can't see the hotspot name posted in an obvious place, then ask an employee.
- Disable access points to your device: Even if you have connected to a legitimate public wi-fi hotspot, you can still be at risk by being on the same network as an attacker. Public wi-fi networks are much less secure than private networks like the one at your home or office. Protect yourself by turning off file sharing within your network and enabling your firewall before connecting. Even with these precautions, it's still not a good idea to send or receive any sensitive content using a public wi-fi network.
When in doubt, kindly contact us immediately and we are here to help investigate your request/concern.