Key takeaways:
- Phishing attacks aim to install malware or gather personal information by posing as a credible source.
- By taking time to evaluate communications – even from sources you trust – you can lessen your chance of falling victim to a scam.
- Utilizing measures such as two-factor authentication can also help you prevent phishing attacks.
A cool breeze at your back. The sun shining on your face as you patiently wait for your bait to catch. Fishing is fun, but phishing isn’t.
Phishing is a cybercrime aimed at gaining sensitive data such as personal information, bank account details, credit card numbers and passwords. Victims are typically contacted by email, social media, telephone or text message, and the criminal usually poses as an authority figure or trusted institution representative.
Online scammers are at an all-time high. In fact, phishing scams are mostly targeted against those in the United States with 85 percent of attacks in 2018 according to Phish Labs’ 2018 Phishing Trends & Intelligence Report. As new scams emerge, it’s important to stay vigilant.
So, what can you do to protect yourself?
- Verify the sender. With social media, it’s easy for hackers to identify who your colleagues and loved ones are. They can create email addresses that include your colleague’s name or ones that are very similar to your friend’s email. Before you open, make sure you verify who the email is coming from by looking at the sender’s name and email address.
If it’s a branded email, still ensure that it’s actually that company. For example, if “Microsoft” is misspelled “Mirosoft,” there’s a good chance the email is a scam. Small misspellings, weird numbers and odd names in the actual email address can signal that it’s not truly from the company. According to cyber security platform Avanan, one in 25 branded emails is a phishing email with phishers typically posing as Microsoft and Amazon.
Some phishing scams even use the company’s logo in the header, making them look very legitimate at first glance. If the email is convincing, cross-compare it with other emails from that company. You could also call or email the company or person directly using a number/email address you know to be correct – not one from the email in question. They can help you verify if it was them.
- Don’t click unknown links. More than half of phishing attacks contain links to malware, according to Avanan. Beware of links – even if you’ve already verified who the email is from. Simply hover over the link without clicking on it to see where the link would take you. Shortened links that don’t provide much information are ones you should be especially suspicious of.
- Be wary of attachments. Items that look like word documents or Microsoft Office Suite files can still contain threats. Look for poor grammar and spelling or a message without your name. These are typically signs of a phishing scam.
- Ignore the sense of urgency. Most scammers try to make you feel frazzled. They’ll use language that make you think you need to act immediately. Phrases such as “act now or your account will be shut down” or “for a limited time only” can trick you into acting in a hurry, which is exactly what they want. Take the time to properly review the communication and ensure it is legitimate. Furthermore, that false sense of urgency should be a red flag when you are communicating.
- Keep your security up to date. Ensure your computer and phone have updated security software in place to protect you from phishing scams. Back up your data and utilize the latest software, which can better detect scams.
- Utilize multifactor authentication (MFA). With MFA, you have to go through multiple authentication steps before accessing a website. This is a good way to create another barrier between you and would-be thieves.
- Create strong passwords. Use a mix of letters (both capital and lowercase), numerals and symbols in your passwords. Don’t use the same password for multiple platforms. If a thief gains access to your social media account, you don’t want them to also automatically have access to your bank account.
- Educate your loved ones. Teach your loved ones about common phishing techniques. Help them understand what to look for, so they don’t fall victim to a phishing attack.
By taking extra precautions, you can lessen your risk of becoming hooked in a phishing scam. If you have questions about how you can better protect your online banking account, visit your local MidWestOne branch.
MidWestOne Bank does not provide tax, legal or accounting advice. This material has been prepared for informational purposes only, and is not intended to provide, and should not be relied on for, tax, legal or accounting advice. You should consult your own tax, legal and accounting advisors before engaging in any transaction.
You are now leaving MidWestOne Bank.
We have provided this link for your convenience and are not responsible for the content, links, privacy policy, or security policy of this website.
Email is not a secure method of data transfer. Personal and confidential information should not be sent via email. Please contact MidWestOne Bank if you need to provide confidential information.
Would you like to continue?
Continue to Email?
Yes, Continue No, Cancel