Phishing
Why It's Important
Phishing is an attempt to trick you into divulging personal information such as credit card numbers, account usernames and passwords, and social security numbers.
Almost every recent, major data breach started with a phishing email.
Recognizing Phishing
Most phishing attempts are via email and instant messaging. A typical phishing email may appear to come from your bank or a delivery service. The "spoofed" emails look very authentic with company logos, and they contain links to authentic-looking websites.
Protection Strategies
Don’t get phished! Here are five protection strategies to prevent becoming a victim.
- Be skeptical of all emails — If you don’t recognize sender, chances are this email is either some form of unsolicited spam or it is a phishing email.
- Be wary of links and attachments — If you do open the email, don’t click on links or download images or attachments. Links may take you to malicious websites. Images and attachments could contain malicious software. Be especially wary of emails with sensational headlines or offers to see naked pictures of celebrities.
- Ignore commands and requests for action — If the email is urging you to do something now, stop and think before you fall into their trap. If it’s too good to be true or seems too farfetched, it probably is.
- Check out the link — Discover where a link actually goes. With your mouse, hover over the link and look at the bottom left corner of your browser window. There you should be able to see the exact URL that you will be directed to if you click on the link. If this link shows as an IP address, such as 192.168.1.1, you probably don’t want to click on the link.
- Use the phone — If you get a questionable email or instant message, give the sender a call to verify it. And use a phone number from the phone book or other published source, not one within the message.