Read the text a
Phishing
Phishing is one of the most common forms of cybercrime, in which hackers try to defraud people and
steal personal, financial, and other sensitive information. People's growing reliance on the
internet while conducting daily business provides fraudsters with the perfect environment to
launch targeted phishing attacks. Scammers use emails, telephone calls, or text messages that
may look like they're from your bank, a social networking site, or a popular online store to trick
you into revealing your personal information by clicking on a link, opening an
attachment, or saying it. They may try to steal your passwords, account numbers, or verification
codes. If they get that information, they can gain access to your emails, clouds, or bank accounts.
But it's not just malicious emails or text messages that are used to trick people into clicking on
links or divulging sensitive information. Another common tactic used by cybercriminals involves
the creation of phishing websites to trick victims into entering sensitive information. These fake
websites are created to dupe unsuspecting users into thinking they are on a legitimate site. The
criminals spend a lot of time making the site seem as credible as possible and many sites will
appear almost indistinguishable from the real ones. However, there are eight top tips to identify
phishing websites, emails, or messages:
1. UNSECURE URL
The first step is to hover your mouse over the URL and check the validity of the web address. You
should look for a padlock symbol in the address bar and check that the URL begins with
'https://', where the 's' indicates that the web address has been encrypted and secured with an SSL
certificate. Without HTTPS, any data passed through the site is insecure and could be intercepted
by criminal third parties. However, this system is not totally foolproof, and within the last year,
there has been a notable increase in the number of phishing sites using SSL certificates. Users are
advised to be extra cautious and look for further evidence of the site's safety.
2. PUBLIC EMAIL DOMAIN
No legitimate organization will send official emails from an address that, for example, ends with
the commonly used @gmail.com. Not even Google. Most serious organizations, except some small
firms, will have their own company accounts and email domain (the part after the @ symbol). For
example, legitimate emails from Google will read @google.com.
3. MISSPELLED DOMAIN NAME
You should also pay close attention to the spelling of a web address. To trick users into thinking
they are on an official site, the fraudsters will stick as closely as they can to the real address and
make small changes to the spelling. A web address that ends in a .co.uk, for example, might be
changed to a .org, or the letter O could be substituted with the number 0, like in www.yah00.org
instead of www.yahoo.com. The spoofed web address may also contain extra characters and
symbols which official addresses will not contain.
4. BOGUS EMAIL ADDRESS
When crooks create their bogus email addresses, they can often select the display name (the part
before the @ symbol), which usually doesn't relate to the email address at all. So they can create
a bogus email address that will turn up in a victim's inbox with the display name Halykbank, for
instance. In other words, their bogus email address will use the spoofed organization's name in
the display part of the address. So, when the victim opens the email from the company he thinks
he knows well, he jumps straight into the content without noticing the trick.
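The sender checks from tips 2 to 4 can be automated on the From: header. The following is an added example, not part of the original text; the brand list, the public-domain list and the function names are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumed reference data for this example; a real filter would load its own.
BRAND_DOMAINS = {"google": {"google.com"}, "yahoo": {"yahoo.com"}}
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "hotmail.com"}
# Digit-for-letter swaps, such as the article's yah00 for yahoo.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def owned_by(domain, brand):
    """True if domain is one of the brand's domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d)
               for d in BRAND_DOMAINS[brand])


def check_sender(from_header):
    """Return a sorted list of warning labels for one From: header value."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    warnings = set()

    # Brands named in the display name, which the sender chooses freely.
    for brand in (b for b in BRAND_DOMAINS if b in display.lower()):
        if domain in PUBLIC_DOMAINS:
            warnings.add("brand-name-on-public-domain")      # tip 2
        elif not owned_by(domain, brand):
            warnings.add("display-name-domain-mismatch")     # tip 4

    # A domain label that reads as a brand once the swaps are undone,
    # on a domain the brand does not own.                    # tip 3
    for label in domain.split("."):
        brand = label.translate(SWAPS)
        if brand in BRAND_DOMAINS and not owned_by(domain, brand):
            warnings.add("lookalike-domain")
    return sorted(warnings)


if __name__ == "__main__":
    # Constructed sample headers.
    for header in ("Google <no-reply@accounts.google.com>",
                   "Google Security <google.alerts@gmail.com>",
                   "Yahoo Billing <billing@yah00.org>"):
        print(header, "->", check_sender(header))
```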
5. SUSPICIOUS LINKS
Never click on a link or a button embedded in an email because it may redirect you to a malicious
site or you can accidentally download malware. Even if it came from someone you trust, always
type the link into your browser to check its properties. Also, you can check the true destination of
any hyperlink either by right-clicking on it and selecting "Properties" or by hovering your mouse
over the link, and the destination address appears in a small bar along the bottom of the browser.
You can spot a suspicious link if the destination address doesn't match the context of the rest of
the email.
6. DEFECTIVE CONTENT
A lot of hard work and thought will go into the crafting of an official website. The graphics will be
sharp, the spelling and grammar will be on point, and the whole experience will feel polished.
Thus, simple spelling mistakes, broken English, grammatical errors, or low-resolution images
should act as a red flag that you are on a phishing site and must leave immediately.
7. TOO GOOD OR URGENT
Scammers may offer a coupon for free stuff to make you click on the link, but you should never
forget that "there's no such thing as a free lunch". Also, they know that most people
procrastinate. When people receive an email with important news, they mostly decide to deal
with it later. But the longer the victim thinks about something, the more likely he is to notice
something doubtful. That's why so many crooks demand that you act urgently (often showing a
countdown) or else it will be too late.
8. LACK OF CONTACTS AND REVIEWS
All business domains have to register their web address and provide their contact details so that
potential clients can get in touch quickly. So, it's always worth doing a bit of research on a
company to check if they are reputable and they are who they claim to be.
In addition, serious companies provide an opportunity to give feedback on their service so that
potential clients have trustworthy and positive insights. And when there are lots of
negative customer reviews, it's a good indication that you should stay away from the site in
question. So, if there are non-working contacts and too many positive or no reviews at all, then
most probably you've entered a phishing site.