How to Recognize and Protect Yourself From Phishing

By now, everyone has encountered a form of phishing at least once in their lives – whether via email, SMS, or social media. Not only is phishing extremely prevalent, but it’s also still the number one cause of cyber attacks among companies. There are several types of phishing, although they all involve a scammer providing fraudulent information to extract money or information from someone.

Let’s dive into what phishing looks like, how to recognize it, and how to avoid it using basic cybersecurity precautions.

What Does Phishing Look Like?

Phishing is often hard to recognize precisely because it is meant to trick people. Then there’s also the fact that phishing tactics keep evolving in their complexity and persuasiveness. Nonetheless, there are a few ways to identify the different phishing attempts generally running amok on the web. Here’s a look at some of the most popular tactics.

Email Phishing / SMS Phishing (Smishing)

This category covers the broadest array of phishing methods and usually goes one of two ways. In the first, the scammer poses as a legitimate person or entity and then asks for personal information like passwords or sends a link to a legitimate-looking website.

In the other, the scammer urges someone to pay them money, either for a service or to help with an emergency. In both cases, the email or SMS will often contain a sense of urgency.

Spear Phishing

Criminals gather information about a person or company, then send emails pretending to be someone familiar, like a coworker. The email will usually contain links or downloads, or ask for sensitive information like passwords.

Sextortion

This involves the criminal sending emails in which they pretend to have incriminating evidence about the recipient. Sextortion is fairly common too. Usually, it’s a claim that they have photos or videos of the person in a compromising or embarrassing situation. They then demand a ransom in exchange for not releasing this “evidence” online.

How to Identify Phishing Attempts

How to Avoid Phishing

Be on Guard

Heed the warning signs mentioned above and be on the lookout for anything suspicious, even in messages or emails sent by friends or contacts. Many phishing tactics use a breached account to send phishing emails or messages to its contacts list.

Check links

Always scrutinize a URL sent via a message or email before clicking on it. Remember that the part right before the .com (or .net or any other domain extension) is the actual website. So something like “amazon.random.com” isn’t going to Amazon’s website but somewhere else altogether.
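The rule above as a small Python check, added here as an illustration (it is not part of the original article): it pulls out the domain a link really leads to, including for links that hide the real host behind an "@" or use a two-part extension such as .co.uk. The function names, the sample links and the three-entry suffix set are constructed for this example; a real check would load the full Public Suffix List.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed, deliberately tiny sample of two-part extensions (assumption:
# a real check would use the complete Public Suffix List instead).
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def registrable_domain(url):
    """Return the domain a link really leads to (e.g. 'random.com'), or None."""
    try:
        host = urlsplit(url).hostname  # drops any 'user@' prefix and the port
    except ValueError:
        return None
    if not host:
        return None
    host = host.rstrip(".").lower()
    try:
        ipaddress.ip_address(host)
        return None  # a bare IP address has no domain name to compare
    except ValueError:
        pass
    labels = host.split(".")
    # The extension is two labels for entries like 'co.uk', otherwise one.
    suffix_len = 2 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 1
    if len(labels) <= suffix_len:
        return None
    return ".".join(labels[-(suffix_len + 1):])


def link_matches(url, expected_domain):
    """True only if the link's real domain is exactly the expected one."""
    return registrable_domain(url) == expected_domain.lower()


if __name__ == "__main__":
    # Constructed sample links, checked against the expected 'amazon.com'.
    samples = [
        "https://www.amazon.com/orders",
        "https://amazon.random.com/login",
        "https://amazon.com@random.com/login",
        "https://amazon.com.random.co.uk/signin",
        "http://192.0.2.10/amazon.com",
    ]
    for link in samples:
        verdict = "ok" if link_matches(link, "amazon.com") else "SUSPICIOUS"
        print(f"{verdict:10} {registrable_domain(link)!s:15} {link}")
```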

Use a VPN

A VPN doesn’t just protect from a host of cyber attacks; the premium ones also come with extra useful features, like malware protection and ad blockers. These can help lessen the potential impact if a phishing attack occurs.

Use Unique Passwords

Many phishing attacks are criminals’ attempts to get passwords for certain accounts. The problem is, many people reuse their passwords across many accounts – leaving all of them vulnerable. Don’t make the same mistake! Use a unique password for every account.

Set Up Two-Factor Authentication

Two-factor authentication is available for most online services and works by sending a one-time pin (OTP) to a separate device or account. This prevents criminals from getting into an account, even if the password is discovered.

Bottom Line

Phishing is very common, and the only way to avoid becoming a victim is to be on the lookout for anything suspicious. Even so, sometimes an attempt slips by, and the next best thing is to be prepared. Use security tools and avoid making unnecessary mistakes like reusing passwords.
