Keep Safe from Phishing Attacks and Online Scams

How to Keep Safe from Phishing Attacks and Online Scams

https://www.continuum.net/blog/how-to-keep-clients-safe-from-phishing-attacks-and-online-scams-this-holiday-season

What are Different Phishing Techniques used by Attackers?

The scope of phishing attacks is constantly expanding, but frequent offenders tend to:

Embed a link in an email that redirects the user to an unsecured website that requests sensitive information
Install a Trojan via a malicious email attachment or ad which will allow the intruder to exploit loopholes and obtain sensitive information
Spoof the sender address in an email to appear as a reputable source and request sensitive information
Attempt to obtain company information over the phone by impersonating a known company vendor or IT department

How Can I Avoid Phishing Attacks?

Don't reveal personal or financial information in an email.

Do not to respond to email solicitations for this information. This includes clicking on links sent in these emails.

Before sending sensitive information over the Internet, check the security of the website.

Are you practicing safe browsing habits?

Pay attention to the website's URL.

Not all emails or email links seem phishy, and you may be lured into a false sense of security. Many malicious websites fool end users by mimicking legitimate websites. One way to sniff this out is to look at the URL (if it's not hidden behind non-descript text). You may be able to detect and evade the scheme by finding variation in spellings or a different domain (e.g., .com versus .net).

Verify suspicious email requests by contacting the company they're believed to be from directly.

If you receive an email from a Bank (or company) that seems to be off, reach out to the bank. Contact them using information provided on an account statement, NOT information provided in the email.

Keep a clean machine.

Having the latest operating system, software, web browsers, antivirus protection and apps are the best defenses against viruses, malware, and other online threats.

How Can You Stay Safe during the Christmas season and Cyber Monday?

Scammers can be lurking with bogus websites and fake emails to steal victims' money and identities.

Be wary of emails with enticing sales.

As we covered above, following links from phony e-mail is one of the oldest methods for perpetrating any online scam. During the holiday season, attackers will attempt to fool people with messages teasing unbeatable sales at known sites, like Best Buy and Amazon. Make sure you don't click these links. Instead, open your Web browser, enter the URL to the site offering these discounts and search for these "steals of a deal" manually. If you can't find the amazing offer, it's likely a scam.

Shop only on websites they know and trust.

With many retailers offering deep discounts, sometimes as much as 50 percent, it may be tough to figure out which deals are too good to be true.

Secure your purchases.

You should only enter credit card details on web pages that use SSL (secure sockets layer) security. To determine this, check to see that the URL for the page begins with "https://" and not "http://." That "s" lets you know the site is secure. Most browsers will also show a lock icon in the lower right corner of the browser window to let you know you're on a secure site.

Pay with credit cards only.

Pay for online purchases with a credit card as opposed to a wire transfer or other non-plastic payment method. Federal laws let you dispute an item on your credit card bill if you don't receive your purchase, and many credit card providers also have "zero liability" policies meaning you're off the hook if a bad guy gets your credit card and starts using it.

Use different passwords across multiple sites.

Attackers will use the same user name/email and password combinations harvested in an attack across multiple sites. These cybercriminals freely trade this information and have the time and resources to try the combinations against multiple sites. Share these tips to help improve password security!

Create a "throw away email account."

All of the major email services like Gmail and Yahoo allow you to create free email accounts. Consider creating an email account just for the holiday season shopping and stop using it after the holidays. Furthermore, you can use this email address as your user name for all online transactions that require one. This will reduce SPAM in your primary email accounts, and help keep attackers from gaining access and obtaining sensitive data shared there.