Top 5 Tips to Avoid Being a Victim of Phishing
Phishing is when a bad actor sends an email that appears to be from a legitimate person or organization. Often these emails ask you to check a shipment or possibly log into a portal designed to mimic a real website. Spear Phishing is when the bad actor uses targeted information to solicit a response. The risk is often giving up access to your email box, transferring money to the wrong person, or worse - a complete compromise of your network. Here are five tips to avoid becoming a victim of phishing attacks.
1. Think before you click
It can be hard to discern when it is safe to click a link or not. In today's digitally connected age, users click on links all the time. When visiting trusted websites, it is OK to click on links, but you should be aware of clicking on links of random websites that you are visiting. The most common phishing scams come through email campaigns. A phishing email may claim to be from a legitimate company or person. However, they usually link to a malicious site. It is prevalent for us to see emails that claim to be from the CEO or Director in asking for someone's help, in confidence. If you are unsure of a request from someone in your organization, it is best to follow up with that person over another medium to verify the request's validity.
2. Keep up-to-date on techniques
Bad actors create new phishing techniques regularly. It is best to stay on top of the different methods to avoid falling victim. Follow the news, or check with your IT staff to keep up-to-date. Finding out about new scams early on will help lower your risk of falling for the ploy.
3. Pop-ups
Pop-ups often portray themselves as part of a trusted website, and often they are, in fact, phishing attempts. Most internet browsers allow for pop-up blocking or extensions to help with security. Check with your IT staff if you need additional help.
4. Anti-phishing extension
Most internet browsers offer the ability to have extension add-ons that provide an array of tools to protect users from phishing scams. These extensions will quickly verify if the sites you visit are on a list of known phishing sites.
5. Verify site security
Most of us know to be cautious about supplying sensitive information, such as financial or personally identifiable information online. If you are on a legitimate, secure website, you should not face any issues. Before you send any sensitive information, ensure that you are on a website with SSL encryption. You can do that by verifying that the web address begins with "https". You should also never download files from suspicious sites that do not have SSL encryption enabled.
Rook Advisors provides proactive services to our clients that help protect them and their data. These services and knowledge are the best tools to combat cybercrimes such as phishing. Reach out to us today for a no-cost consultation on how we can help you and your business.