Phishing attacks are now the most common method cybercriminals are using to target unsuspecting victims. They’re becoming more customized and difficult to detect. So first, let’s talk about how they’re trying to do this.
Traditionally phishing attacks try to get you to…
- Open an infected email attachment.
- Click on a malicious link.
- Ask you to share a password.
Now, it used to be where they would send out millions of emails just mass email. So, they were very generic. But now cyber criminals are getting much more specific, so much so that you might feel like you know this person or that they know you. Let’s look at how they’re trying to do this.
- Researching your social media to learn more about you.
- Learning about your hobbies. They might send you a message pretending to be someone who shares in mutual interests, or they’re learning where you work.
- Crafting messages to appear to come from management or coworkers or vendors that you work with.
So how do you know whether it’s a fraud or if it’s something that’s legitimate? Well, there are some questions you should ask yourself as you’re reviewing this email.
Ways to prevent a possible phishing attack…
- Does the message create a heightened sense of urgency or are you feeling pressured when you read this email, rushed into a decision? The greater the pressure or sense of urgency, the most likely this is not a legitimate email. So next doesn’t make sense what the CEO of your company send you an urgent email or text asking for your help?
- Would your bank or credit card company ask for personal information that they should already have? If this message seems out of place, it is likely an attack.
- Are you receiving a work-related email from a coworker or a manager? But the email is using a personal email like a Gmail or a Hotmail.
- Did you receive an email from someone you know? But it just doesn’t sound like that person, the wording, or the tone, it just sounds off. If any of these things, if any. Our gut is the best. Our instinct is the best determining factor to know whether these things are legit or not. And if a message seems odd or suspicious, it could very well be a cyber-attack.
And if anything at all makes you uneasy, you have every right to do your homework and make sure that the source is legitimate. And probably the best way to do that is through the phone; pick up the phone, call whoever it is, hear their voice or from a trusted agency and get that information. Anyone who is sending you a legitimate email asking you for sensitive information will not be offended that you are asking for more verification.