Rule 1: Think before you Click
Phishing or social engineering attacks are increasingly being used by cyber criminals to trick internet users into revealing sensitive information – website login details, bank account or credit card details or personal data that forms part of your identity.
Phishing emails (note the ‘ph’) are designed to look official and may use an ‘urgent security alert’ or other reason for you to immediately visit a website to confirm your personal details.
Misspelt website addresses or URLs can be bought and set up to look similar to your bank website, with copied logos and login forms as the added touch that aims to convince you to enter your account login information.
Rule 2: Beware the friend in need
A friend’s hacked email address can now be used to send highly convincing – but fake – appeals for emergency help, or to direct you to ‘interesting’ video or photo content, perhaps involving a celebrity sex scandal.
Click the link in the email, though, and you may end up on a website designed to infect your computer if you haven’t fully patched the operating system and all software on it, particularly Java and Adobe Flash.
Even social networks have been affected by spam or malware links added via rogue apps or compromised accounts.
How to avoid getting Phished
- Learn about the various phishing species that try to hook you and reel you in
- Be careful when you receive emails requesting urgent account verification
- Don’t download and open unexpected attachments
- Curiosity killed the cat – avoid clicking on video or photo links posted on your newsfeed
- Don’t respond to, download files from or click on links to websites you’re suspicious of
- Carefully investigate any online offers that appear to be too good to be true