1. What is a phishing attack?
Phishing is a type of social engineering attack. It is the fraudulent attempt to obtain sensitive information such as username, password, 2FA code or any other important information by disguising as Lucent. Users are often be deceived by trusted parties such as:
- Email spoofing；
- Fake Lucent site；
- instant message with malicious link；
- social websites with manipulated Lucent link;
- Chat with impersonated Lucent support；
- Fake Lucent hotline or support in search engine etc.
- Fake Social Media Account
- Malware downloaded from internet
- Free WIFI Phishing
2. Phishing attack protection
It is known that the most important and weakest aspect in a security system is people. Hence, for users, vigilance is key:
- A spoofed message often contains subtle mistakes such as spelling mistake, strange syntax, incorrect grammar or spelling, misspelled domain name, etc.
- In addition, attackers will usually try push users into action by creating a sense of urgency. For example, an email could threaten account expiration and shall be verified within a timeline; A message instructed users to move asset a secure wallet to avoid loss as soon as possible.
Phishing attack protection requires steps be taken by both users and Lucent.
Here are some tips to avoid phishing attacks:
- Always upgrade Google Chrome or Mozilla firefox to the latest version. It is known that Google Chrome or Mozilla firefox will warn users for phising or unsafe high risk website.
- The safest way to login to Lucent is through the website lucent.exchange.
- Always verify the SSL(https) domain name *.lucent.exchange.
- Enable Two-factor authentication(2FA) verification such as Google 2FA or SMS 2FA. Keep cautious and not disclose Google 2FA 16 digital back key to anyone or any website. If username and password were compromised,2FA prevents the use of compromised credentials, since these alone are insufficient to gain entry.