How can you protect your business against phishing scams


Lately the news has been filled with talk of cyber-attacks on big corporations where their data is stolen and encrypted due to a breach in their security. But cyber-attacks also affect small businesses and individuals just as much as big companies.

  
This year we've seen a large increase in the number of phishing attacks, as well as greater sophistication in how attackers execute their scams. The key to preventing these attacks is staying informed about how they are carried out and practicing safe usage.

 
Take steps to make your email more secure by properly utilizing the tools at your disposal. Configure your spam filter to sort through your emails and move mail from unwanted senders into its own folder, away from priority emails. When those emails still manage to make their way to your inbox, you can easily mark them as spam and improve the filter for the next time an email from that sender appears.

  
Although spam filters work well, they aren't perfect, and you may find a few emails that slip past. Keep an eye out for unknown senders and for suspicious-looking email addresses that look almost real.


 
Things To Watch Out For: 
 


Official emails with spelling and grammatical errors should raise immediate suspicion. Large organizations have teams of proofreaders, and small companies review their emails before sending them. So any email that is littered with errors should be scrutinized to determine its authenticity and discarded if it looks like a phishing scam.

  
 
Take note of any emails asking you to confirm personal, financial, or other sensitive information over the internet, as they could be scams. A sudden email from PayPal asking you to confirm your account information, or from Microsoft telling you that your card has been declined and needs to be updated, should be treated cautiously.

Don't click any links provided or fill out forms embedded in the email, as they could steal your information or infect your computer. Instead, type the website address directly into your browser and check the legitimacy of the request by logging into your account.


 
Non-personalized emails may be the most obvious form of phishing, but when you go from phishing to spear phishing, emails can become personalized and even more dangerous. Emails can go from "Dear Sir/Dear Madam" to "Dear Joe/Dear Jane", which can lull you into a false sense of security.

Spear phishing has become so sophisticated in recent years that it can sometimes be very difficult to immediately recognize an email as fake. With improved spelling and passable grammar, it is easier than ever for attackers to fool the unsuspecting into clicking links or opening attachments that can compromise their accounts. So never click links in emails, and always confirm with the source before you open attachments.

You should still read through to look for obvious errors in spelling or grammar and confirm with the person or organization that allegedly sent the email. 


 
Don't fall for threatening or frightening emails that urge you to act quickly; they are looking to scare you into acting rashly. Things like "Your account will be suspended if you don't update your account info" or "Failure to login will lead to the account being disabled" should trigger suspicion. Instead of using the links they provide, open a web browser and type the website into the address bar to check your accounts.


 
When you receive emails asking for payment or money, always check with the party in question to confirm authenticity, even if you are expecting the request. If you are sent an invoice you've been expecting and then, not long after, receive another invoice asking you to disregard the previous one, treat it with caution and contact the party.

If it's an email from someone you know asking for money due to an emergency, you should contact them directly by phone or by re-typing their email address into the address field of a new message, not by replying to the suspicious email.
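Two of the warning signs above, a sender address that looks almost real and a link that does not go where its text claims, can be checked automatically during mail triage. The Python below is an added example, not part of the original article; the allow-list of trusted domains, the 0.85 similarity threshold, and the sample message are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"paypal.com", "microsoft.com"}  # assumed allow-list (constructed)
SWAPS = str.maketrans("0135", "oles")      # digit-for-letter substitutions

def lookalike(domain):
    """Return the trusted domain that `domain` imitates, or None."""
    d = domain.lower()
    if any(d == t or d.endswith("." + t) for t in TRUSTED):
        return None                        # the real domain or a subdomain
    norm = d.translate(SWAPS).replace("rn", "m")
    return next((t for t in sorted(TRUSTED)
                 if SequenceMatcher(None, norm, t).ratio() >= 0.85), None)

class LinkCollector(HTMLParser):  # collects [href, visible text] per <a>
    def __init__(self):
        super().__init__()
        self.links, self.in_a = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.in_a = True
            self.links.append([dict(attrs).get("href") or "", ""])
    def handle_endtag(self, tag):
        if tag == "a":
            self.in_a = False
    def handle_data(self, data):
        if self.in_a:
            self.links[-1][1] += data

def indicators(sender, body_html):
    """Return warning signs found in one message's sender and links."""
    found, page = [], LinkCollector()
    page.feed(body_html)
    if real := lookalike(sender.rsplit("@", 1)[-1]):
        found.append(f"sender imitates {real}")
    for href, shown in page.links:
        host = (urlparse(href).hostname or "").removeprefix("www.")
        m = re.search(r"(?:[\w-]+\.)+[a-z]{2,}", shown.lower())
        named = m.group(0).removeprefix("www.") if m else ""
        if named and host != named and not host.endswith("." + named):
            found.append(f"link text says {named}, target is {host}")
    return found

# Constructed sample, not a real message.
SAMPLE_FROM = "service@paypa1.com"
SAMPLE_HTML = '<a href="http://login.example.net/x">www.paypal.com</a>'
```

Calling `indicators(SAMPLE_FROM, SAMPLE_HTML)` flags both the imitated sender domain and the mismatched link; a message from a trusted domain whose links go where they say returns an empty list.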


The best tips to remember are:

 

 
1. Don't reply to emails that could be potentially unsecure; instead, find the sender's email address from a reliable source and type it into the email address field yourself.


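2. Look for secure sites when conducting online business by checking the URL for "https", where the "s" stands for secure. This shows that the connection is encrypted, not that the site is genuine, so check the domain name as well.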

 
3. Don't divulge personal information over the phone if you didn't initiate the call 


4. Do not click links, download files, or open email attachments without knowing the sender 


5. Never email personal information 


6. Be wary of links in emails that ask for personal information 


7. Block pop-ups


8. Don't copy website addresses from pop-ups, and don't click their links or buttons. Hit the X and close the pop-up


9. Use a firewall, spam filters, antivirus, and anti-spyware to keep your device safe. Don't forget to update them regularly


10. Check online accounts regularly to avoid unauthorized charges to your accounts
 
