Everything is not what it seems, especially in the world of the internet. Phishing attacks are emails or websites that appear to be legitimate but are fronts created by cybercriminals to steal your information. Victims are lured in by a link, attachment, or other plug-in and once you click, the security of your system is compromised.
As a part of Secure Data’s blog series for National Cybersecurity Awareness Month, this post will focus on the dangers of phishing and how you can avoid being a victim.
Who Is in Danger of Falling Hook, Line and Sinker?
Anyone who uses the internet and is not educated on proper internet safety techniques is susceptible to a phishing attack. While anyone who uses a smartphone or computer is open to an attack, some groups are potentially larger targets.
Phishers may try to scam people based on their wealth or where they work. The larger the company, the better the chance at gaining access to records and as a result, personal and financial data. The elderly may be another easy victim group because they are not aware that what presents as a legitimate email is an online scam.
In general terms, the more time that people spend on the internet, the more likely they are to be malware victims. Other activities like shopping, downloading videos, and online gaming was also associated with an increased risk for malware. Different types of phishers may target certain information or certain groups, but one thing is certain: if there is data to be stolen, there will be cybercriminals plotting to obtain it.
Bait in a Cybercriminal’s Tackle Box
The differences between a legitimate and a phishing email are subtle. In some cases, the domain name may only be slightly altered with an added period or extra letters within the web address. As this is a less than noticeable shift, it is simple for an average user to click on a link or email without concern. The Federal Trade Commission gave examples of messages attackers may send in hopes of luring you in.
Another common way that phishers attack is by pretending to be a friend who needs money for an unforeseen circumstance. If a phisher gains access to your contact list, they will attempt to craft an email or text that appears to be from a trusted source. It is after you send them an account number or send them money that the criminals have access to your sensitive information.
Most phishing attempts to gain your information will ask you to enter a portion of your credit card or social security number, or even address. Any company that you have an account with should already have those details on file. Do not enter your information onto any site that is unfamiliar or has an insecure web address.
Stop Phishing Around and Secure Your Data
In an ideal world, people would simply use the internet less to avoid online scams. However, technology has become a necessary asset to our personal and corporate lives and if we continue to use it, then we must be educated. Start by taking this Google Phishing Quiz to learn ways to spot a fake email from a real one. This will teach you to look carefully at the name of the sender in your inbox, the type of message, and how an attachment may have a completely different link behind it.
Other ways to protect yourself from a phishing attack are:
If you are the victim of a phishing attack, malware, or data breach, SecureForensics can help. Our certified examiners can identify the source behind the attack, identify the data that has been compromised, and create a court-admissible report of the investigation. Call 1-800-288-1407 to learn more about our services.