How to Stay Safe from Phishing Emails
Ever received a weird lucky draw email from some random company? Or read a ‘Thank you for signing up’ email from PayPal when you never signed up for PayPal? That’s called phishing. Although it’s 2017 and we’d like to believe that our anti-virus and anti-malware systems are pretty efficient, that’s hardly the case. This year alone saw some of the worst malware attacks cripple global organizations and cause billions in damage. In most of these attacks, it all started with a simple email that a user naively clicked. So what exactly are phishing emails, and how do you stay safe? Here’s a quick guide.
What is Phishing?
Phishing emails or scams are different from regular sketchy emails. You’d know better than to click on a random email from a strange-looking account. Hackers, however, have become more sophisticated. Phishing scams and emails are dangerous because they take on the persona of a legitimate organization. You will get emails that appear to come from your bank, a credit card company, a social site and so on. The emails will entice or provoke you to click a link, give out sensitive information and, in some cases, open an attachment. The moment you open that attachment or click on that link, you’ve made your system vulnerable to a malware attack.
Phishing works on principles of social engineering, where hackers use people’s fears and weaknesses in combination with system vulnerabilities to carry out malicious attacks. In fact, just a few months ago, people across the United States were affected by a Google Doc phishing scam that used the victims’ Google accounts to authorize malicious apps. Users received an email in which a contact shared a Google Doc with them. On clicking the doc, their accounts were compromised.
How Do You Stay Safe from a Phishing Scam
The obvious answer is common sense, but phishing can get even the most careful users to make a mistake. So it’s not just common sense, but a combination of different safety mechanisms that can protect you from falling prey to a vicious phishing scam.
Always Be on High Alert and Never Let Your Guard Down
At the heart of a phishing scam is your engagement and your blind trust. As a rule of thumb, every time you open an email you have to be careful and aware of the context. For example, let’s take a look at PayPal. It’s one of the most common phishing scams to affect users. You may get an email that asks you to ‘Sign In’ to your account. Before you click on the link, look at the whole email carefully. Check the From and the To fields. Is the email directly addressed to you? Is the email coming from a legitimate domain? Check for grammatical and spelling errors (which are common signs of a scam). Then use some analytical skills. Did you sign up for PayPal with this account? Have you ever signed up for PayPal? The bottom line: never let your guard down when you’re handling downloads, attachments or links. It may sound like a lot of work, but it’s for your own good.
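For readers who like to see the checklist spelled out, here is the same set of checks (From, To, and where the link really goes) as a small Python script. It is an added example, not part of the original article; the sample message, the addresses and the `check_email` helper are made up for illustration, and the brand domain you pass in is whatever you know the real company uses.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr
from urllib.parse import urlparse

# Constructed sample message (not a real email); every address and host is made up.
SAMPLE = """\
From: "PayPal Support" <service@paypa1-accounts.example>
To: customer@mail.example
Subject: Please Sign In to your account

Dear customer, Sign In here: http://paypa1-accounts.example/login
"""

def domain_matches(host, expected):
    """True only if host is the expected domain or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == expected or host.endswith("." + expected)

def check_email(raw, my_address, brand, brand_domain):
    """Run the manual checks from the text and return a list of warnings."""
    msg = message_from_string(raw)
    warnings = []

    # Check the From: the name claims the brand, but is the address on its domain?
    display, sender = parseaddr(msg.get("From", ""))
    sender_domain = sender.rpartition("@")[2]
    if brand.lower() in display.lower() and not domain_matches(sender_domain, brand_domain):
        warnings.append("from-domain-mismatch")

    # Check the To: is the email directly addressed to you?
    recipients = [addr.lower() for _, addr in getaddresses(msg.get_all("To", []))]
    if my_address.lower() not in recipients:
        warnings.append("not-addressed-to-you")

    # Check the links: does each one lead to the brand's own domain?
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlparse(url).hostname or ""
        if not domain_matches(host, brand_domain):
            warnings.append("link-off-domain:" + host)
    return warnings

if __name__ == "__main__":
    for warning in check_email(SAMPLE, "me@mail.example", "PayPal", "paypal.com"):
        print("WARNING:", warning)
```

An empty result only means these three checks passed. The From line can be forged, so the questions about whether you ever signed up still apply.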
Keeping Your Security System Strong
You can’t always outsmart a phishing scam. Some of them are so sophisticated that even IT professionals may fall for them. This means that you also need to be prepared for a malware or phishing attack at all times. You can achieve that by ensuring your security system is strong and protected against uninvited emails and data hacks. Use a password generator to store and back up your passwords. Keep your anti-virus and anti-malware programs updated. Use 2-step security logins to keep your accounts safe. The best way to deal with a phishing email is to keep yourself on guard using a combination of smart thinking and efficient security tools.
Never Give Out Your Details or Complete Forms
Legitimate companies will never ask you to enter your credentials through an email. Every time you spot an email asking you to drop in your personal information, including your name, security number, credit card number, etc., know that it could mean trouble. You don’t win contests or get free airline tickets or free passes unless you specifically enrolled for them. You know your online activities well, so if any email asks you to pay a certain amount or use a certain code to ‘get your prize/cash/tickets,’ stay away.
Hackers are smart, but that’s because we allow them to be smart. Every email scam and every malware attack starts with a user agreeing to engage. If you don’t click on links, don’t open attachments from unknown sources and don’t fall for free prizes, you won’t fall victim to malicious attacks.
When in doubt just don’t do it! Stay smart, stay safe!