With the increase in online work and leisure time spent in front of screens, your cyber security may be at increased risk too. With that comes an increase in one of the most common security threats: phishing. It is now very important to take the time to learn what phishing is and how to protect yourself from falling victim to these types of attacks. Here are some tips to keep you safe from cyber thieves.
What is Phishing
Phishing is the fraudulent practice of sending emails that pretend, and sometimes appear, to be from a reputable company in order to convince individuals to reveal personal information like passwords, credit card numbers or other personal information.
Email Evaluation
Slow down, evaluate what the email looks like and identify who sent it to you. Here are some key areas to consider.
Sender or From Field
See who’s sending you the email. Look closely because phishers are getting craftier at disguising their attempts.
- If you only see a name, hover over it and the real “from” address will be revealed.
- Be skeptical if you see a public email domain like @gmail.com. Most reputable companies will have their own domain, like @paypal.com.
- Some phishers will make it look similar to official domains by adding in extra letters or numbers, so be sure to look closely.
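The three sender checks above can also be run automatically over a From header. The following Python sketch is an added example, not part of the original article; the domain lists, the 0.8 similarity threshold and the sample headers are assumptions made for illustration.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Assumed lists for illustration; a real deployment maintains its own.
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com"}
KNOWN_BRANDS = {"paypal": "paypal.com"}  # brand name -> official domain


def registered_domain(address):
    """Return the last two labels of the address's domain (naive, no public-suffix list)."""
    domain = address.rsplit("@", 1)[-1].lower().strip(".")
    return ".".join(domain.split(".")[-2:])


def check_from_header(header):
    """Return a list of warnings for one From header value."""
    display, address = parseaddr(header)  # splits "Name <user@domain>"
    if "@" not in address:
        return ["no parseable sender address"]
    domain = registered_domain(address)
    warnings = []
    if domain in PUBLIC_DOMAINS:
        warnings.append("public email domain")
    for brand, official in KNOWN_BRANDS.items():
        if domain == official:
            continue
        # The "hover" check: the visible name claims a brand the address does not belong to.
        if brand in display.lower():
            warnings.append(f"display name mentions {brand} but domain is {domain}")
        # Lookalike: nearly the same string as the official domain (extra letters or digits).
        if SequenceMatcher(None, domain, official).ratio() >= 0.8:
            warnings.append(f"{domain} resembles {official}")
    return warnings


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    "PayPal <service@paypal.com>",
    "PayPal Support <paypal.billing@gmail.com>",
    "Account Team <alerts@paypa1l.com>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_from_header(header) or "no warnings")
```

A clean result only means none of these three signals fired; the From header itself can be forged, so the other checks in this article still apply.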
Salutation
How are you being greeted in the email? Does it use your name, or does it use a generic salutation like “Dear customer”? Be on the lookout if you spot a generic salutation.
Buttons, Links and Attachments
Always think before you click. Hover over buttons and links to see the URL they will take you to before you click. Legitimate businesses also usually don’t send attachments. They’ll usually direct you to their site to download documentation.
General Grammar
If you’re seeing grammatical or spelling errors, this is another sign of a fraudulent email. Of course, mistakes do happen with legitimate companies, but this coupled with other red flags should alert you to a possible phishing attempt.
Common Phishing Scenarios
Phishers are good at getting you to panic and click buttons, open attachments or follow illegitimate links. Here are some common scenarios that should make you pause and really evaluate the email before you click or give away personal information.
- “We’ve noticed suspicious activity with your account”
- “There’s an issue with your account or payment information”
- “We need to verify your personal information”
- An invoice is attached for something you didn’t purchase
- Clicking a link to make a payment
- “You’re eligible for government refunds”
- Coupons or offers for free items or prizes
In general, remember that legitimate companies won’t ask for sensitive information like passwords or financial information via an email. This is a red flag that someone is trying to get your personal information. If something seems too good to be true, it probably is.
How to Protect Yourself
There are several ways you can help protect yourself.
- Use recommended, reputable security software
- Use multifactor authentication on your cell phone whenever possible
- Set up your software to update automatically on your phone
- Back up your data somewhere that’s not connected to your network
Remember, a good rule of thumb is just to slow down, think before you click and use common sense! Phishers are relying on a panic-inducing scenario to make you rush to click or give away personal information.
Stay safe. Stay connected and secure.
This information was compiled and presented by Astrea from the following sources:
https://www.cnet.com/how-to/spot-a-phishing-email/
https://www.securitymetrics.com/blog/7-ways-recognize-phishing-email
https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams