Preventing Phishing

The online industry is booming worldwide, and showing no signs of slowing down. As such, it also attracts some abusive behaviors. One of the most common abusive behaviors is phishing. A phishing message (or email) is designed to capture the user’s credentials, for multiple reasons, some of which may be illegal. The attacker may be looking for the user’s credit card information, passwords, government-issued ID number (i.e. Social Security number in the U.S.), and much more.

Phishing messages might also include malicious files (or links, which are also known as URLs), that can be used by hackers to extract your personal information. These files might have innocent names or standard endings, but they might also be embedded with malicious functionalities that are hard to detect. By downloading or opening these files, you may grant hackers access to your personal info. To reduce the risk of this happening, it is recommended that you do not open or download any suspicious files.

Being aware of the common methods attackers use will assist in preventing the loss of personal information, and the hassle that comes with it.

Yami (asktoyami.com) wants to assist its users to better identify potential attempts to extract personal information.

Make sure you only insert your login details (password and security questions) on the https://asktoyami.com homepage or login page.

Always be cautious when clicking a link that redirects you to a different login page.

It is recommended that you always check a link before you click on it. You may do so by hovering your mouse over the link and looking at the address, which it redirects to (seen at the bottom of the browser).

While the site may be set up to look like ask yo yami or yami, it may be a phishing site that will steal your login details. Here are several tips to protect your password online:

When you login to asktoyami.com, you will always see “https” prefix (or a lock sign) in the beginning of the URL (the website address).

A phishing site (pretending to be asktoyami.com), was reported and closed. It looked like this and lacked the mentioned “https” prefix or lock sign.

Although we’re constantly working on strengthening the levels of security for your ask to yami account, it is also important that you stay alert. So if you ever receive something you weren’t expecting, or if something seems not quite right, think twice before opening it.

Remember, if you’re not sure about a link, you can always open a new window and simply insert the https://asktoyami.com address by yourself rather than clicking on the link you received. This way, you will know that you are logging into asktoyami’s genuine website.

So, you may be wondering, “how can I know I was redirected to a potential phishing site?” Well, the bad guys sometimes try to imitate the look of a real website. However, in most cases, phishing sites won’t be updated and will have less features than the original site’s home page.

Here are a few easy ways, that might be used by bad guys to try and lure you to a fake web page (by sending you phishing links and or messages):

Emails or chat messages claiming that you’ve won a prize, a discount or a special offer.

Email warnings that your information has been compromised and you need to click the link and login to secure it.

Fake messages from yami or asktoyami staff: Look out to see if yami or asktoyami is spelled wrong (e.g. yaami, ymishopping etc.). Email addresses can possibly have foreign or alternative domain suffixes (e.g. .it, .de, .ru, .so).

If you ever receive a phishing link or a suspicious message, please contact our awesome Customer Support team.

This article was written in order to provide our community with further knowledge and is aimed to increase awareness. While yami or asktoyami takes the security of its customers very seriously, neither yami or asktoyami nor any person associated with yami or asktoyami makes any warranty or representation with respect to third parties’ acts or omissions. Yami or asktoyami will not be responsible or liable for any unauthorized access, breach of firewalls or other hacking by third parties.