Want to Steal a Password? Go Phish: How to Recognize Phishing Scams in Your Inbox

August 17th, 2022 by admin


With the world moving rapidly toward digitalization, cyber-crimes are more widespread than ever before. Phishing attacks in particular have become bolder and more sophisticated. They are one of the most prevalent security hurdles that both individuals and businesses have to tackle on a regular basis.

The intent of a phishing (pronounced "fishing") attack is to obtain sensitive data in order to gain access to protected networks or computers. Hackers achieve this by including an authentic-looking link or attachment in an email which, if you open it, infects your computer or directs you to a web page that asks you for private information.

According to cyber security agencies, almost 20% of phishing emails get opened in the workplace. This includes clicking the included malicious link or opening the infected attachment.

While phishing email scams may seem unbeatable as they appear to be sent by trusted sources, there are a few things businesses and individuals can do to safeguard themselves against these attacks.

Tips to Protect Your Business from Phishing

  1. Be cautious of emails requesting private information: This applies particularly to information related to bank accounts and credit or debit cards. Legitimate businesses will never demand confidential information by email, and most financial institutions will inform you that they will not request your credentials/authentication details except when you're the one reaching out to them.

  2. Always check the source: Hackers can send emails that appear to come from a co-worker's email account and, in some situations, can also take over that email account completely. If your supervisor or co-worker sends an unusual request, ask them about it offline.

  3. Fake domains that look real: These are often used by hackers to fool users, because you don't always look closely at the part after the '@' in an email address. For example, google.com vs. g00gle.com. Take a few seconds to check the URL before filling out any information.

  4. Passwords: Avoid reusing passwords across various websites. If someone obtains access to any one of your accounts and all other accounts have the same password, then they’ve got access to your entire online presence. Try utilizing reliable password managers to secure and protect your passwords.

  5. Keep all software up to date: Update and install security patches on your operating system regularly. Ensure that auto-updates are turned on and don’t disregard the alert notifying you it’s time to update.

  6. Better authentication: Turn on 2-Factor Authentication on any of your accounts that provide it (social networks, bank accounts, work email, etc.). If you have enabled two-factor authentication, hackers will not immediately get access to your account without the second form of authentication.

  7. Forms in emails: Never input private information via forms embedded within emails. The sender is often able to track all information entered.

  8. Links in email: Treat links like a car ride: you wouldn’t want to get in with someone you don’t know, and you want to know where you are going. Don't ever click links in an email to visit a website except when you are completely sure they are authentic. Alternatively, open a new browser tab and type the URL into the address bar yourself. Usually, a phishing site will try to mimic an authentic site; look at the address bar to ensure that you know where you are being taken.

  9. Data backup: Keep at least three copies of your important data, and keep one of those copies away from the other two by using a cloud backup solution.

  10. Check a site’s security: It’s common to be a bit cautious about providing sensitive financial information online. But as long as you are on a reliable website, you should not run into any difficulty. Before you submit any form online, ensure the site’s URL starts with “https” and that there is a sealed lock icon beside the address bar. Keep in mind that the lock icon only shows that the connection is encrypted, so still check that the domain in the address bar is the one you expect.
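The look-alike check from tip 3 (google.com vs. g00gle.com) can be automated for incoming mail. The Python below is an added example, not part of the original post; the allowlist, the substitution table and all function names are assumptions made for illustration.

```python
import re
from typing import Optional, Tuple

# Constructed allowlist: domains this (hypothetical) organization really deals with.
TRUSTED_DOMAINS = {"google.com", "microsoft.com", "example-bank.com"}
# Partial, illustrative table of characters commonly swapped in look-alike domains.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
MULTI = {"rn": "m", "vv": "w"}

def skeleton(domain: str) -> str:
    """Reduce a domain to a canonical form so visually similar names collide."""
    d = domain.lower().translate(CONFUSABLES)
    for seq, repl in MULTI.items():
        d = d.replace(seq, repl)
    return d

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def sender_domain(address: str) -> str:
    """Return the part after the '@', ignoring display name and angle brackets."""
    m = re.search(r"@([A-Za-z0-9.-]+)>?\s*$", address.strip())
    if not m:
        raise ValueError(f"no domain in {address!r}")
    return m.group(1).lower().rstrip(".")

def classify(address: str) -> Tuple[str, Optional[str]]:
    """Return ('trusted' | 'lookalike' | 'unknown', trusted domain it resembles)."""
    domain = sender_domain(address)
    if domain in TRUSTED_DOMAINS:
        return "trusted", domain
    for good in sorted(TRUSTED_DOMAINS):
        # Flag character swaps (g00gle) and one-character typos (gogle).
        if skeleton(domain) == skeleton(good) or edit_distance(domain, good) <= 1:
            return "lookalike", good
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample senders, not taken from real mail.
    for addr in ("Accounts <security@g00gle.com>", "billing@rnicrosoft.com", "alice@google.com"):
        print(addr, "->", classify(addr))
```

A "lookalike" result is a reason to quarantine the message or verify the request through another channel, as tip 2 suggests; an "unknown" result only means the domain is not on the allowlist.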
