If you email, text or have any online presence, there’s a high probability that, eventually, you’ll be hit with a phishing scam. No one is immune to being targeted by these types of deceptive messages. Data consistently shows phishing is one of the most common cybercrimes, with more than 500 million reported attacks in the U.S. last year alone.
However, it’s important to note that just because attempts are made to breach our systems doesn’t mean we have to fall prey to them. To bolster your defenses against phishing and help safeguard your personal information, start with these tips from cybersecurity experts at Sullivan Wright Technologies.
1. Be skeptical of every email. By and large, we are trusting of others and their intentions. This can leave us vulnerable to opening emails or links from supposedly trusted sources quickly and indiscriminately. It sounds straightforward, but you must remember to think before you click.
2. Consider the greater context. When you receive a message, you should ask yourself, “Am I expecting this?” Did it come out of the blue or contain a surprising message? If so, that’s an instant red flag. Attackers often play to our emotions, eliciting fear, urgency and authority to encourage action. You should be wary if an email or text seems unreasonable or inconsistent with the purported senders’ previous behavior.
3. Inspect the “from” line. Just because a message comes from a familiar name like your bank or health care provider doesn’t mean it’s reputable or safe. You should always double-check the email address. If you’re still unsure about its legitimacy and the enclosed URLs, log into your accounts through a new browser. Searching can open you up to getting hit with phony sponsored results.
4. Scrutinize the links. It adds a few extra seconds when checking your inbox, but it’s worth the effort. Before clicking on any links, hover over them on your computer or press hold on your mobile device to see where they’re directing you. If the URL seems suspicious, it likely is.
5. Look for other “tells” in the message. You can discern a lot about an email or text’s authenticity by whether it addresses you by name or email. For example, if you receive a message from your long-time financial institution that says, “Hello, firstname.lastname@example.org” versus “Hello, Jane,” alarm bells should go off. Wonky grammar or native English constructs, such as “head office” for “headquarters” or “vandal” for “criminal,” may also denote that the content came from a foreign actor.
6. Consider security awareness training. Cybercriminals constantly change their attack tactics. To avoid complacency and potentially getting caught in their web, you can contact cybersecurity firms or cyber-knowledgeable IT companies to set up a custom filtering service, monitor your systems and execute responses to potential breaches as needed.
The average American receives hundreds of messages by email, text and on digital platforms daily. Chances are that some are phishing attempts by cybercriminals. By taking precautions, you can better determine what’s legitimate — and what’s not — to stave off deceptive efforts and protect yourself from potential attacks.