Cybersecurity isn’t a concern reserved for big-name corporations or social networks. Clever criminals are always working to stay a step ahead of the game, whether they’re targeting personal or business information. Phishing is an email tactic used to trick the recipient into disclosing private information such as passwords and account numbers, and it isn’t always caught by email spam filters. Read on to learn how to avoid phishing scams.
• The email. Phishing emails are designed to look genuine. They use real company names—banks, lenders, service providers, etc.—precisely copied branding, and “spoofed” email addresses that look legitimate but have slight variations (companyname1.com for example, or companyname.othersite.com).
• The call to action. Often featuring an urgent or threatening tone, phishing emails usually request “confirmation” or “verification” of your account or billing information. You may be told that your account is at risk of being suspended, or that suspicious activity has been detected. It’s a clever ploy to get you to act without thinking.
• Don’t click on “phishy” emails. Use bookmarks or type URLs directly into your browser’s address box.
• Don’t email confidential information. Whether business or personal, don’t send financial or account information via unsecured email.
• Don’t enter private information in pop-up windows. This is rarely a secure way to transmit your sensitive data.
• Install security software. A multi-purpose suite will include your firewall, spam filter, anti-virus, and anti-spyware tools.
• Keep ALL software up to date. Always download the latest patches for and versions of your software.
• Monitor your accounts regularly. Keep an eye on your account dashboards and review your monthly statements.
What if you come across a suspected phishing message?
Avoid opening the email, and whatever you do, don’t respond or click on any links within it. Report the email to your company’s security contact, followed by the FBI’s Fraud Complaint Center. If you think your information has been stolen, the Federal Trade Commission has advice on what to do next.
To protect your team and your business from phishing, always be smart, skeptical, and security-minded. Visit the Anti-Phishing Working Group for a list of current attacks and the latest phishing news.