Protect yourself from Phishing Attacks
Phishing represents a serious threat to all industries.
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details, often for malicious reasons, by disguising oneself as a trustworthy entity in an electronic communication.
It is a broad, automated attack that is less sophisticated than Spear Phishing, which is a customised attack on a specific employee and company where the sender poses as a known or trusted individual.
How can we avoid Phishing Attacks?
If you think it is fishy or “phishy”, check in with the person to see if it is real. If you aren’t expecting something from the person who sent the message, contact them by telephone and confirm if they meant to send it.
This does 2 things:
- This confirms your suspicions
- This informs the sender that they have a virus
Confirming by email can be dangerous, as the hackers often have access to the account and so can reply as the person. However, this is often done badly, as they tend to respond differently than you might expect.
Think about it: how likely is it that a Nigerian prince is ever going to email you for help? If an email looks weird…it probably is weird.
Phishing emails will often appear to be from a family member, friend or colleague, so pay attention to how the sender’s address is spelled and make sure it is accurate.
Some phishing emails are from people you don’t know or are from strange email addresses. They may contain links that lead to what looks like a login page for your social media account or banking login page. Hackers make these lookalike sites to steal your usernames and passwords. Hover over the link with your cursor to view the actual URL before clicking, or, even better, go to your web browser and type in the web address yourself. Once you are logged into the site you know and trust, complete the task requested.
Many phishing emails have a sense of urgency. Ask yourself, why is mum asking me to download that? Has your bank ever threatened to close your account? Would they even do that?
If someone calls…don’t give them information. Hang up and call the company back but… don’t redial or use the number they just called on! If there really is an issue, they’ll have it in their computer system.
Slow down, be skeptical of links and attachments and double check all the details before proceeding. If you think you may have been hacked or you have clicked on a link you shouldn’t have, talk to your chapter IT contact ASAP!