Gone Phishing: Tips and Tricks to Avoid Taking the Bait
Every Phisherman has their favorite bait from pop-ups to spam emails their line is always in the waters of the internet looking for their next catch. How can you stay off their online hook? What services can help you stay safe in online waters? What to do if you take the bait? If these questions are sailing through your mind, then we have the answers for you.
How can you stay off the online hook?
There are many tips and tricks to avoid phishing scams. To demonstrate, here are 5 easy and simple ways to avoid taking the bait from the phisher’s tackle box. Phishing.org has more tips and news to keep you up to date and cyber aware.
- Don’t complete transactions on HTTP:// websites: Online shopping is fast, easy, and convenient; however, if you shop on an HTTP:// website, your information is not encrypted and the website you purchased from can now access your account information. Look for the lock and HTTPS:// in your search bar when shopping online. HTTPS:// sites encrypt information and secure transactions.
- If you didn’t request it don’t open it: With retail and consumer websites giving discounts for subscribing to email lists it is easy to be on 25 or more mailing lists. Up against the number of email campaigns that get sent daily makes it easy for phishers to sneak baited links into your inbox. If you don’t remember the place, do a search of the company to jog your memory and check for legitimacy. Always use caution! If the offer sounds to go to be true, it probably is. Stop and think before you click the link!
- Filling in your information is not the best way to get rid of a pop-up: Blogs and websites often have pop-up boxes to subscribe to for discounts or email notification. A typical pop-up box will ask for an email address and a name. Scam pop-ups have nothing to do with the current site you are on and ask for a lot more information. These pop-ups need to be closed immediately. Certainly, no pop-up needs your credit card number, SSN, or your mother’s maiden name.
- Stay up to date, in software and your knowledge: Keep your Antivirus and other critical programs, like your web browser on auto-update. Overall, this keeps your security strong and your other programs from becoming glitchy. Out of date software makes it easier for the phisher to cast their line.
- If it looks phishy it probably is: If it walks like a duck and quacks like a duck, it is a duck. If it looks like a phishing scam and it reads like a phishing scam, it is a phishing scam. Everyone knows there isn’t a price in Nigeria that is waiting to send a million dollars, but phishers have gotten cleverer with what they send and how they word their emails and pop-ups. Read on to learn how to spot phishers.
Spot the Phish:
Emails are still a phisher’s most effective tool. Because of today’s privacy concerns phishing emails will prey on those fears and create panic. Looking at examples of scam emails, there are things you can be on the lookout for.
- Spelling and Grammar: First thing to remember, large companies have communications departments that write professional and well-written emails. An email telling you, ‘you account has been hacked!!’ is not an email with a link you should click.
- Time Crunch: Companies will not permanently shut down your account if there is suspicious activity. There won’t be a 24-hour time limit to resolve a security issue. The best way to handle an email like this is to go to the company’s website and log in. If there really is suspicious activity you will be able to change your password then and there without clicking on a risky link.
- Branding: Companies brand everything they send. It is a trademark and a way to make sure you remember them. On the whole, a phishing email will lack logs on the email. Furthermore, a company email address will be lacking. If Amazon sends you an email it will say something@Amazon.com, not Joie@somethingrandom.com.
A real email will be related to something you did or requested on a website. If you made an order or requested a password change, those are all reasons to get a real email. If there is still cause for suspicion, log into your account and check your activity from there, not the navigation link.
What To-Do After Taking the Bait:
Even the most cautious of internet users can fall victim to a well-executed phishing attack. There are fast simple steps that can help save your information from falling in the wrong hands. Once you’ve realized you’ve clicked on phishing email:
- Get offline!
- Follow your company’s guidelines on who to inform.
- Backup your files.
- Run a full system scan through your antivirus software provider.
- Reset your passwords.
These steps don’t guarantee your information won’t already be comprised and on the dark web, but these steps at least give you a chance to stop it and possibly prevent other cyber-attacks.
Consider the Consequences:
Another key point, NIST (National Institute of Standards and Technology) cautions and educates companies on how to handle employees that fall victim to phishing scams. Because of sophisticated software and social media, it has become easier for hackers to create realistic and authentic-looking emails. Coupled with websites like LinkedIn which provides details on the responsibilities an employee has; it makes sense that someone in the accounting department would open an email for an invoice or bill.
The NIST found that fear of punishment or being fired because of phishing emails could affect job performance. Employees who are opening and responding to these emails are trying to do their job they have been hired to do. Fear of punishment can cause an employee to stop doing their job efficiently. Instead of punishing employees for trying to do their job, use a great IT Managed Services Company.
DirectPointe™ will help you before, during, and after a phishing incident. With DirectPointe 7’s Tech Support line, we’re here to help you. Given that DirectPointe 7’s competitive pricing and budget-friendly custom options there is no reason to not keep your system safe and secure.
Having your IT Services managed by DirectPointe™ eliminates headaches. DirectPointe™ will fix the damage and educate employees on safer online practices to help them avoid being bait again. With your IT services being managed by DirectPointe™, you might just have time to go fishing yourself.
What technical support needs does your company have?
Start today by filling out a FREE assessment or contact us with your immediate issues at 801-874-2225.