October is Cybersecurity Awareness Month, and this week focuses on phishing! Protect your sensitive information by being aware of the ways in which hackers gain access to your data.
Phishing is when criminals use fake emails to solicit sensitive information. Despite often being overlooked, phishing has been prevalent in the cybersecurity threat landscape for decades. Take simple steps to ensure your online safety.
Recognize and report phishing attempts.
When criminals go phishing, you do not have to take the bait! Scam emails collect personal data from unknowing victims. Be aware of the signs of phishing attempts.
Look for things like:
Strange requests for business transactions like the purchasing of gift cards on your own dime.
If a coworker reaches out to you and asks you to conduct business transactions on your personal account and then forward that transaction information, this is a phish! This can look like fake invoices, false service expiration, tax refund scams, or even messages from “HR”. Verify who is sending you the request, check the sender’s email, and report this suspicious activity.
An offer that is too good to be true.
If you receive an email, text, or phone call with a promise or business idea that seems too good to be true, this is a phish! Recently, voice phishing (or vishing) has become popular amongst criminals who want to gain sensitive information. Vishing can look like calls from unknown numbers claiming to be government representatives, posing as tech support, and even impersonating bank employees. If an offer is disclosed, that looks disingenuous, report and block the sender.
Language that is urgent and alarming.
Have you ever received an email from a criminal posing as a close friend who needs a wire transfer for a large sum of money immediately? This is a phish! Look for wording like “ASAP”, “Your deceive has been hacked!”, “Sign in NOW!”, etc. When you come in contact with communication that is threatening and alarming, report this activity immediately!
Misspellings and poor writing.
Phishing can often be suspected immediately. If an email contains misspellings, awkward and unusual formatting, and overly explicit call-outs with hyperlinks attached, this is a phish! If the correspondence does not look like typical email formatting from your organization, report it and block the sender!
Follow these tips to ensure safety for online activity. Check socials for #BeCyberSmart for more tips and tricks.
Learn more about cybersafety at staysafeonline.org.