02 Jul 2017

Avoid Phishing Lures in Your Inbox

0 Comment

Among the many threats to your data on the web, phishing scams are becoming more prevalent. According to a recent study from the IRS, online “phishing” – or malicious emails posing as legitimate sources – increased by over 400% during the 2016 tax season. Thus, it is more important than ever to be aware of and know what to look out for so you don’t become a victim of these scams.

“Phishing” scams target users to gain access to email and other online accounts such as online banking and social media. These scams are disguised as emails from trusted sources – such as your bank, social media accounts, or even people you know – and contain malware in the form of a link or an attachment. User action is required for the malware to act upon your sensitive information; however, a click or quick download will install the malware instantly and act upon your data.

So how can you avoid these scams? Here are a few tips to avoid falling victim:

1. Learn what to look out for.

Here are some warning signs to look out for:

  • The sender claims to be an organization or individual you are associated with, but the name is misspelled, or the domain name is off (IE BestBuyAlerts@fashionlabs.com or info@verizon.net).
  • The email addresses you by name, but your name is misspelled or inaccurate.
  • The message includes a lot of grammatical errors or typos, or is suspiciously urgent with a deadline for action.
  • The URL does not match the text when you hover over the hyperlink with your cursor, or it is a sketchy IP address.
  • The attachment is a .exe file (a file type known to carry viruses.)

2. Be vigilant.

Always stay vigilant when opening emails, especially if it is an email you did not expect. If the email is asking for sensitive personal information such as your password, SSN, bank account PIN, or credit card number, be extra cautious about confirming the email’s authenticity before taking any action.

3. Don’t click until you’re sure.

If the email includes any of the above-mentioned warning signs, do not click on any links or download any attachments. Instead, follow these steps to determine if the email is authentic:

  1. Verify links. You can verify links through a link checker (Norton Safe Web and Phish Tank offer link checkers which scan websites for potential threats) or type the URL directly in your browser.
  2. Call customer service. If you receive an email claiming to be from an organization you are affiliated with and requiring action on your part, call the organization directly to verify the email is authentic.
  3. Reach out via another method of communication. If the message claims to be from a friend or colleague, reach out to them through another method of communication (in-person, phone, Facebook, etc.) and ask for verification.

4. Use a password manager.

To avoid being phished online, use different passwords for each of your online accounts so that if one of your passwords is compromised, the rest of your accounts are not at risk. You can keep track of all of your different passwords using a password manager which is an encrypted tool ensuring your passwords are protected at all times.

[top]