A major problem facing online users is learning how to best avoid phishing attempts. Phishing is the activity used to gain access to financial information by posing as a legitimate person or company. Hackers use phishing attempts to learn personal login credentials or other account information from the victim.
Phishing attempts are more commonly found during major events such as holidays and anniversaries or during breaking news stories to get the users attention. They may include logos and other legitimate information to make them seem more credible. Links within the body of the email may take the user to a fake website that has been designed to look similar to the legitimate one. Fortunately, Intivix put together a list of seven ways you can avoid phishing attempts
There are a few good things to keep in mind when receiving emails from banks and other financial institutes: Is the email personalized? Is it marked “urgent” or does it use some other sensational messaging? Phishers don’t typically personalize their emails and will often use words like “urgent” to entice their victims to act immediately. Also, most legitimate companies won’t ask you for your username or password (or any other type of confidential information for that matter), so if you happen upon an email that does, be wary!
A standard method phishers use gain account information is by embedding links into the body of their emails. Once you’ve opened the email, they make it easy for you to visit their fake site by providing the link disguised as a legitimate one. They may change or add one word to throw you off, or slide in under the radar by misspelling a word in the URL.
Remain vigilant about your accounts. Log into them on a regular basis and keep track of the traffic occurring on them. Any suspicious or unapproved activity should be reported immediately.
A few ways to make sure the site you’re visiting is legitimate and safe are made by simply checking the address bar. If you are working from a secure server is checking to see if the beginning of the address starts with “HTTP://” or “https://.” If there is an “s” at the end, the server running the website is secure. Another way to tell if your personal data is safe is looking for a lock icon in your browser status bar.
Normally banks and other financial institutions have a security page on their websites with tips and advice on how to carry out safe transactions and other personal data. It should go without saying that passwords should not be shared or written down, and no two passwords should ever be the same. You can easily avoid phishing attempts by simply not opening or replying to spam emails, as doing so gives the sender confirmation that your email address is legitimate.
Sometimes, criminals embed “spyware” software into phishing and spam emails that record information on your activities while on the Internet or employ “Trojans” to open backdoor access into your computer. Keeping your anti-virus and anti-spam software up to date can help prevent phishing emails and other spam from reaching your inbox.
If you do happen to receive an illegitimate request, forward the email over to the legitimate website. Most companies have an email address specifically created to resolve phishing attempts.
To actively avoid phishing attempts, businesses need a multi-layer security system in place. Just having a firewall or some off-the-rack anti-virus software installed is not enough to protect everyone in your organization from phishers. Give us a call today, and we’ll put in place a robust network security system designed to keep you – and your data – safe.