Phishing is when criminals use fake emails to lure you into clicking on links or attachments and handing over your personal or financial information, or installing malware on your device. It’s also one of the most common cybercrimes, with an estimated 3.4 billion spam emails sent daily. It’s easy to avoid a scam email, but only once you know what to look for. Below are a few tips on how you can protect yourself from phishing:
Learn how to spot phishing attempts
Your email spam filters typically do a good job at filtering emails, but fraudsters are always trying to outsmart filters. The signs can be subtle, but once you recognize a phishing attempt you can avoid falling for it. Here are some quick tips on how to clearly spot a fake phishing email:
- Contains an offer that’s too good to be true
- Language that’s urgent, alarming, or threatening
- Poorly-crafted writing with misspellings, and bad grammar
- Greetings that are ambiguous or very generic
- Requests to send personal information
- Urgency to click on unfamiliar hyperlinks or attachments
- Strange or abrupt business requests
- Sending e-mail address doesn’t match the company it’s coming from
What to do if you see a phishing email
Don’t worry, you’ve already done the hard part which is recognizing that an email is fake and part of a criminal’s phishing expedition. If it came to your work email address, report it to your IT manager or security officer as quickly as possible.
If you’re at home and the email came to your personal email address. Do not click on any links (even the unsubscribe link) or reply back to the email, and delete the email altogether. You can take your protection a step further and block the sending address from your email program, too.
What to do if you accidentally click a phishing email
If you accidentally click a phishing email, you need to act quickly. Immediately disconnect your device from the internet. If you’re connected via Wi-Fi, locate the Wi-Fi settings on your device and disconnect from the network. If you’re connected using an ethernet cable, unplug it immediately. After disconnecting from the internet, back up your files using an external hard drive, like a USB thumb drive or cloud storage.
After, scan your device for malware. If you’re not technologically savvy, it’s best to leave this to a professional. Some malware can be disguised as a legitimate program. You’ll also want to change your credentials, so your personal or financial information can’t be compromised. If you don’t already, be sure to use different passwords across accounts, so it’s more difficult for scammers to access your information. Lastly, freeze your credit and set up fraud alerts with one of the three major credit bureaus (Experian, Equifax, and TransUnion). Once you’ve notified one bureau, they legally must notify the others.
Scams are becoming increasingly more common, especially in today’s age with technology. It’s important to remain vigilant and continue to educate yourself, friends, and loved ones on new tactics that may arise. This is part four of an 11-part series on cybersecurity and how you can protect yourself online in today’s digital age. For more educational tools and tips, visit our Learning center.
