Sponsored: 10 Tips to Avoid Phishing Scams
Whether you own a business or are simply trying to manage a household budget, phishing scams and cyberattacks are a risk to your security.
According to Proofpoint’s 2021 State of the Phish Report, more than 80% of organizations fell victim to a phishing scam the previous year. A frustrating aspect to this fraud is that despite most people knowing it can happen, many still get caught up in it, oftentimes even entering personal or financial information.
Scams are increasingly on the rise and typically occur via email, masked phone calls, pop-ups or through social media messaging. Emails can often sound so personal that the receiver assumes it’s from someone they know well. There are several actions that organizations and individuals can take to protect themselves and their assets from phishing and cyberattacks.
1. Do not click on suggested links: It’s advised not to click on any link offered through an email or social media messaging, even if you think you know the sender. Some phishing attacks are sophisticated enough to make the destination URL look like a carbon copy of a genuine site with the goal to record keystrokes or steal login/credit card information. If you feel it may be a legitimate link, go to the site straight through a search engine as opposed to clicking on the link.
2. Scrutinize the sending email address: One of the easiest ways to detect a scam is to look closely at the email address sending the message. If it’s a gmail account or some other type of “homemade” email address, be cautious. If it ends in a valid site domain, it may be an authentic message.
3. Educate yourself on what phishing scams look like: There are many websites and newsletters that will help teach you about popular and current phishing scams. If you know the signs, it’s easier to catch fraudulent messages. Staying up-to-date with this information is especially important if you own a business. Ensure your employees know what to look for.
4. Get free anti-phishing add-ons: Today’s browsers will enable you to download add-ons that spot the signs of a malicious website or alert you about phishing scams. These add-ons are generally free so there’s no reason not to use one. If you’re a business owner, encourage your employees to use them as well.
5. Do not input your information into unsecured sites: There are two main ways to detect if a website is secure. The URL should begin with “https” and you should be able to see a closed padlock next to the URL. If you do not see both of these key indicators, do not enter any personal information.
6. Rotate passwords regularly: If you have accounts where you must sign in with a password, get into the habit of rotating passwords regularly. This will prevent an attacker from gaining unlimited access. Many sites prompt you to do this on a routine basis, but if they do not, set reminders to do it on your own.
7: Pay attention to updates: It’s easy to click “ignore” when an update tries to initiate. People are impatient and do not want to wait for the update to go through its process; however, updates are very important when it comes to security. Security patches and updates are released for good reason. If you constantly ignore them you will be putting your personal information at risk.
8. Be wary of screenshots: Scammers often use screenshots of logos, products, letters or other items to make it look authentic. If the email is full of screenshots, be wary. This is probably a criminal trying to make the email look legitimate.
9. Don’t be tempted by pop-ups: Not only are pop-ups irritating, they are also often linked to malware as part of an attempted phishing attack. Pop-ups can look very real as if they’re coming from Microsoft or Apple. Many prompt you to call a 1-800 number and then try to hide the “close” button so it looks like it’s impossible to remove the pop-up without first calling. The closeout “x” is often hidden in the corner. Most browsers now allow users to install a free ad-blocker which helps with annoying pop-ups.
10. Update contact information with financial institutions: Ensure that your contact information is always updated with your financial, loan and credit card institutions. That way, if there is a strange charge or the institution needs to look into something, they can get in touch with you immediately.
Phishing scams and cyber attackers are everywhere, so be very cautious with anything you do online. Further, these hackers often target elederly people who are more trusting of phone calls than younger generations. If you have older people in your life, make sure they know the signs of phishing scams. It takes a united front to stop these criminals.
This article was written in cooperation with Champion Credit Union. For more details or to update your contact information, click HERE.