HackerCombat Guide on How to Prevent Phishing Attacks
Phishing attacks are now very common; every one who uses the internet comes across phishing emails almost daily and it seems that most of us have now trained ourselves to identify phishing emails. But have we really turned that clever? Doesn’t it seem, from all the successful phishing attacks that happen against individuals and organizations, that cyber criminals have succeeded in outsmarting us and tend to continue with their mischiefs?
Yes, despite the fact that internet users have now turned cleverer and have begun to distinguish between genuine emails and phishing emails, phishing attacks are happening commonly. You could get lured to click on a phishing link on seeing a great holiday offer being made, you could be prompted to download a document when a mail mentions something about a bank transaction that you seem to have made unknowingly and you could end up being the victim of a phishing attack.
All kinds of malware, including the very dangerous ransomware, which could cause businesses to crash, get distributed via phishing attacks. So, how do we prevent these disastrous phishing attacks? Here are some very valuable tips that could help users stay protected against phishing attacks:
Be wary of any email that seeks information
You might get emails that ask for all sorts of information. This could include details about your bank account or debit/credit cards, other personal details like address, phone number etc, details pertaining to your job etc. It’s always better to be rather wary of any such email that seeks information of any kind. The best thing to do is to call up the person or institution that seems to have sent the email and confirm the genuineness of the same. This kind of an approach could be seen as one of the best cyber security practices and could also help you prevent many phishing attacks. It could help save your personal data from being misused and your hard-earned money from being robbed.
Be wary of messages from known sources as well
Phishing emails and messages could come from known sources too, including friends or relatives you know or institutions or business firms you are associated with. Their accounts could be hacked and these hacked accounts could be used to send out phishing emails to you and other such unsuspecting users. Hence, emails and messages coming from known sources too, especially if you sense anything uncommon about them, should be treated with extreme care and caution. You could even call them up and verify if they had indeed sent you an email or a message.
Be extremely wary of links that come seeking you
Links that come seeking you and which might be promising interesting things- pictures, videos etc, could be potentially dangerous. You need to be extremely cautious about such links and double check their genuineness before you click on them. If such a link comes via an Instant Messenger chat or a mail, you could ask the person if he had indeed sent you a link and also ensure that it is indeed safe to click on the link.
Beware, even official-looking messages could be dangerous
Messages and emails that seem to be coming from official emails ids or emails that seem to be having official content could turn out to be phishing emails. There could be emails that seem to be discussing things pertaining to your bank account or tax refunds, and you’d feel inclined to go ahead and open it to know more. Once you open it and click on a link or download something, a malware makes its entry into your system and that’s it, you’re done. If it’s a ransomware, you could end up losing your money or sometimes your valuable data. A cyber criminal might use a malware to gain control of your system and then use the same to carry out further attacks, even without your knowledge. So be extra cautious even if the messages seem to be official ones. Almost a couple of years ago, there was an incident in which residents of Pennsylvania got emails that seemed to be coming from the local police department and which contained speeding tickets, which were in fact fake. But the surprising thing was that those who got the emails had indeed been speeding and the fake emails had all necessary traffic data to lure people to click on the link given in the email for fine-payment, which would in turn cause a malware to be installed on their systems. So it’s always good to ensure all such official looking emails and messages are genuine ones, before clicking on a link or downloading a file that comes with the message.
Always go for multi-factor authentication
Always use multi-factor authentication because it reduces risks of your account getting hacked. Once your account is hacked, you yourself could fall victim to phishing attacks and the attacker might even use your email account to execute phishing attacks on others.
Use security tools, especially a trusted antimalware software
As security people, we’d always advise you to use security tools as and when necessary. For everyone who uses a system, especially if they connect to the internet or connect other devices to the system, it’s very important to use security tools, the most important among them being an antimalware software. Using security software is important for individual users as well as for businesses and organizations.
Update your software and OS regularly
Always make it a point to update your software and your OS (operating system) regularly. Your anti-malware software works effectively only when it’s updated. Similarly, it’s only when you have all system patches up to date that you could stay clear of vulnerabilities and attacks. This is important as regards protecting yourself from phishing attacks too.
Back up your data, update the backup regularly
Well, this is not about protecting yourself from phishing attacks, this is more about protecting your data even if a phishing data happens (this is indeed a probability you have to reckon with, in today’s scenario). You should always have a back up of all your data, and you should also make it a point to keep updating the same at regular intervals. This ensures that even if you fall victim to a phishing attack, you can recover with minimal damages.
Julia Sowells250 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.