How to Protect Against Phishing

Phishing scams are usually presented in the form of spam or pop-ups and are often difficult to detect. Once the fraudsters obtain your personal information, they can use it for all types of identity theft, putting your good credit and good name at risk.

Because phishing is one of the most devious forms of identity theft, it is important for you to become familiar with various types of phishing scams as well as to learn how to guard against them.

However, some information security pros now believe that cybercriminals view phishing attacks as a successful (and easy) way of getting into an enterprise to launch more sophisticated attacks. Humans are, after all, increasingly seen as the weakest link and thus the most effective target for criminals looking to infiltrate an enterprise or SME.

Follow the tips below and stay better protected against phishing attacks.

1. Be sensible when it comes to phishing attacks: You can significantly reduce the chance of falling victim to phishing attacks by being sensible and smart while browsing online and checking your emails. For example, as ESET’s Bruce Burrell advises, never click on links, download files or open attachments in emails (or on social media), even if it appears to be from a known, trusted source.
2. Watch out for shortened links: You should pay particularly close attention to shortened links, especially on social media. Cybercriminals often use these – from Bitly and other shortening services – to trick you into thinking you are clicking a legitimate link, when in fact you’re being inadvertently directed to a fake site.
3. Does that email look suspicious? Read it again: Plenty of phishing emails are fairly obvious. They will be punctuated with plenty of typos, words in capitals and exclamation marks. They may also have an impersonal greeting – think of those ‘Dear Customer’ or ‘Dear Sir/Madam’ salutations – or feature implausible and generally surprising content.
4. Be wary of threats and urgent deadlines: Sometimes a reputable company does need you to do something urgently. For example, in 2014, eBay asked its customers to change their passwords quickly after its data breach.
5. Browse securely with HTTPs: You should always, where possible, use a secure website (indicated by https:// and a security “lock” icon in the browser’s address bar) to browse, and especially when submitting sensitive information online, such as credit card details.