Phishing: Understanding the Threats and How to Stay Safe
What is Phishing?
Phishing is a type of cyber-attack where cybercriminals attempt to steal personal information such as passwords, credit card numbers, and other sensitive information by impersonating legitimate entities.
Phishing attacks can be carried out via email, social media, SMS, or phone calls. These attacks are becoming increasingly common, and it is essential to understand the threat and know how to stay safe.
How do I actively stay safe with my emails?
Be wary of unsolicited emails or messages: Attackers will attempt to trick you into helping them! Be aware of their tactics.
Urgent Requests: Attackers threaten that their request needs to be done immediately, such as an account or subscription is about to expire, or a deadline is rapidly approaching. Look out for time-sensitive language, deadlines, scarcity for rewards, and options to quickly fix an item with a form or link.
Requests from Authority: Attackers can try to impersonate someone from the company and make a request of you hoping you won't question their authority.
Verify the source: Before clicking on a link or entering any personal information, verify the source of the email or message. You can do this by checking the sender's address in the email you received!
Hover your links! Phishing attacks will try to get you to use a fake link to steal your data. Make sure the URL of the link is real by hovering before you click!
Don't download attachments! If you think the email is fraudulent or maybe unsafe, be hesitant to download any attachments.
Check the sender's email address
You can check the sender's address next to their name found between the <> brackets. You can also see this in the more details button option as shown.
You should make sure this has a real email address and matches what you expected as the sender.
Hover your links
Notice in this example the link is for www.ebay.com. However, the bottom left corner of the screen shows the real address the link will take you to. This shows a case where the attacker has hidden the link from you.
Security measures you can take to protect your account:
Enable two-factor authentication: Two-factor authentication adds an extra layer of security to your accounts in the case an attacker attempts to login as you with your account information.
Keep your software up to date: Make sure you have the latest updates for your operating system and software, as they often contain security patches that can protect you from phishing attacks.
Use anti-virus software: Anti-virus and anti-malware software can help keep your machine clean and reduce the risk of attackers intruding on your system.
Other types of Phishing Attacks:
Smishing and Vishing are phishing attacks that come over text or via a phone call.
Read more about Phishing attacks from our partner KnowBe4 using any of the following links:
If you believe there is something suspicious going on, please report it to the Solution Center at email@example.com immediately.