Phishing attacks are on the rise. When surveyed in 2017, 76% of information security professionals reported being targeted by phishers. That increased to 83% in 2018.
Knowing how to protect yourself and your organisation from such attacks is more important than ever. While legitimate businesses will use an email verifier tool to ensure messages are sent to the proper subscribers, as the recipient, it can sometimes be hard to tell the difference. In this article we highlight a few tips to ensure scammers don’t gain access to your sensitive information.
Know the Basics
It is essential that you and every member of your organisation know how to identify basic phishing scams. That means training everyone to identify common warning signs. These may include:
- Incorrect sender information
- Suspicious requests for recipient information
- Poorly-written emails
- Generic salutations
- Inaccurate company names and/or logos
Recipients should also never click on links sent in emails they don’t know they can trust. To be safe, open a new browser window, and type the URL in directly.
Keep in mind that phishers often use shortened links to trick people into visiting unsafe sites. Before clicking visiting any links, hover the mouse cursor over it to ensure it actually directs you to the location it claims to.
Don’t Be Intimidated
Phishers often try to scam targets by claiming to represent legitimate companies. These may frequently be financial institutions.
This is a key element of a phishing strategy. Phishers believe they can scare targets by claiming they need certain information as soon as possible in order to address urgent matters. Fearing they are “in trouble,” recipients act without thinking they may be scam victims.
Whilst there are occasional instances when companies require you to take action due to urgent matters (such as changing your login information after a breach), the best way to confirm if this is genuinely the case is to reach out to the company directly, via a secure channel, to learn more.
Check For HTTPS
The early days of the Internet were a simpler time – scams such as phishing were less common, so security measures were less effective.
Times have changed. One change involves a shift to the HTTPS protocol; a site that still uses the “HTTP” protocol isn’t secure, and shouldn’t to be trusted.
It’s also important to protect yourself when browsing through a public, unsecured WiFi network. Don’t enter any financial or similarly sensitive information into websites when using such networks.
Most importantly, stay abreast of developments in phishing tactics. Scammers know their targets are becoming more and more familiar with popular strategies and they are making changes accordingly. Knowing what those changes are is key to protecting yourself.