Obviously, phishing is a huge threat in an increasingly digitized world. Never has it been so easy to make fraudulent charges or even steal someone’s identity. It makes eminent sense, therefore, for users to arm themselves with the necessary knowledge to be able to protect themselves from the ill-intentioned machinations of those who wish them nothing but harm.
One of the most common (and effective) ways a hacker carries out a phishing attack is through email. The irony, however, is that it is just as simple for users to take precautionary measures against it. Each of us should be wary of correspondence that makes superlative offers—those that are simply too good to be true. The average person isn’t left a million dollar inheritance from an absolute stranger, nor are they bequeathed a lottery they haven’t participated in. These are dead giveaways of a phishing attempt.
Then, there are those emails that invoke a sense of urgency: Advising you to “act fast” or risk losing out on something you might regret. This, again, is most likely an attempt at phishing. Correspondence of this nature is usually unsolicited and accompanied with attachments for you to download, or links for you to click. Be wary about these, as they could contain viruses. Finally, any email that seems to have come from an unusual sender should be blocked and reported as spam or a phishing attempt.
The following are a few additional steps users can take to guard against a variety of phishing attacks conducted by cyber criminals:
Lookout for spam: No one escapes these types of email correspondence. Spam can arrive in your inbox pretty regularly, and you should be aware when it does and mark it appropriately. This should definitely become a standard operating procedure.
Be cautious when sharing sensitive information: Credit and debit card information, social security numbers—even your name and date of birth, should be protected at all cost. If possible, sensitive information should be disclosed in person, by phone call AND ONLY when you can verify the company or individual you are disclosing it to. When doing this online, you should always look for a “green lock icon” in the address bar of a browser (where the company’s name should appear, along with the authority that issued their SSL certificate) and examine the website’s URL. Never provide sensitive, personal or financial information in an online form unless you are absolutely sure about the sanctity of the website.
Don’t send emails from a public computer: With laptops, mobile devices and other technology at our fingertips, you shouldn’t have to access your email from any other place. But when emergencies occur, be careful not to choose options that will store your login information for later access, and to sign out of your email account before closing the browser window. Even if you dodge a phishing attack, there is still the danger of someone retrieving information pertaining to your email.
Check your bank account statement for unauthorized charges: People often fail to realize they have been subject to a phishing attack, and that fraudulent charges may be scattered throughout their banking ledger. Make the time to frequent your bank statements in a thorough manner. You may be surprised to see a series of unauthorized charges levied to your account. If you ever notice an unauthorized charge, be sure to take the necessary action to get reimbursed, and to ensure it doesn’t happen again.