In this information age, data is increasingly seen as a valuable commodity. Last week we discussed scamming in the context of domains. This post will discuss phishing scams and how to avoid/prevent them.
Phishing scams generally come in the form of e-mails pretending to be legitimate companies or organizations. These fraudulent enterprises will ask you for personal information ranging anywhere from credit card details, usernames, passwords and other sensitive information. Here are some easy ways to stay ‘data smart’ and avoid these issues effectively.
- Passwords – One of the most important things that may seem obvious at first glance is keeping your passwords secret. Most people tend to have one password with slight variations (i.e. football123, football 1234). Having passwords like these tend to make phishing scammers the best detectives on the web. They can easily hack into all your personal accounts by putting these pieces together. Make sure you switch up your passwords for cases where you want your information protected.
- Language – Notice how the e-mail addresses you. Most of the time this will be very vague. The picture below depicts an interaction between someone pretending to be Yahoo and a victim of a potential phishing scam. Notice how the victim is addressed very indirectly. By maintaining ambiguity, these scammers not only make you less likely to question their legitimacy but also have the ability to target thousands of people by keeping their greetings very general.
- Install a spam filter – Most e-mail services have this option and can be enabled with a click of a button. Although this may not eliminate all harmful e-mails, they will cut down on the bulk considerably.
- Protect your employees – If you are a business, make sure your employees know what and how these phishing scams are able to harm your company. Digital Guardian notes, “There are multiple steps a company can take to protect against phishing. They must keep a pulse on the current phishing strategies and confirm their security policies and solutions can eliminate threats as they evolve. It is equally as important to make sure that their employees understand the types of attacks they may face, the risks, and how to address them. Informed employees and properly secured systems are key when protecting your company from phishing attacks.” (Lord, 2016)In addition, installing antiviruses, using web filters and encrypting sensitive company information are also sensible measures you should take to ensure the safety of your information.
- Be Smart – As mentioned before, many of these threats come via e-mail. If a source seems credible, a Google search can always guide you in the right direction. If you are still unsure of what to do, call or e-mail the address that is contacting you. Always remember a legitimate business will almost never ask you for your passwords or account numbers.
Dredge, Stuart. “How to Protect Yourself from Phishing.” The Guardian. Guardian News and Media, 06 June 2014. Web. <http://www.theguardian.com/technology/2014/jun/06/how-to-protect-yourself-from-phishing-attacks>.
Lord, Nate. “Phishing Attack Prevention: How to Identify & Avoid Phishing Scams.” Digital Guardian. N.p., 23 June 2015. Web. <https://digitalguardian.com/blog/phishing-attack-prevention-how-identify-avoid-phishing-scams>.