Phishing Attacks and How to Protect Against Them

 

Phishing is a technique used by cyber criminals to trick you into revealing sensitive information such as usernames, passwords or even banking information. Though usually carried out through email, phishing has spread to social media, messaging services and web applications. Keep reading to find out how to protect yourself from phishing.
Types of E-mail Phishing Schemes

Clone Phishing

Is where a legitimate, and previously delivered, bit of online correspondance is used to create an almost identical or “clone” email.

Spear Phishing

This is a phishing attempt directed at a particular Individual or company

Whale Phishing

Defined as a phishing attempt directed specifically at a senior executive or another high-profile target within a business.

What Can You Do?

Be suspicious of any email or communication (including text messages, social media post, ads) with urgent requests for personal financial information.

  • Phishers typically include upsetting or exciting (but false) statements to get people to hand over their usernames, passwords, credit card numbers, Social Security numbers, date of birth and other personal information.

Be sure to Setup 2-Factor Authentication for Google G-Suite or Multi Factor authentication if you have Office! I have included the below links for you:

G-Suite 
Office 365

Avoid clicking on links. Instead, go to the website by typing the Web address directly into your browser or by searching for it in a search engine. Calling the company to verify its legitimacy is also an option, too.

  • Pay attention to the website you are being directed to and hover over URLS. “http://www.2paypal.com”or “hxxp://www.gotyouscammed.com/paypal/login.htm.”

Never send personal financial information via email, and avoid filling out forms in email that ask for your information.

  • You should only communicate information such as credit card numbers or account information via a secure website or telephone.

Use a secure website (https:// and a security “lock” icon) when submitting credit card or other sensitive information online.

  • Never use public, unsecured WiFi for banking, shopping or entering personal information online, even if the website is secure.

Other Helpful Tips:

  • Unless an email is digitally signed, you can’t be sure it wasn’t forged or spoofed.
  • Double-clicking the “lock” icon on a website will display the security certificate for the website. If the certificate isn’t displayed, or you get a warning message that the address of the website does not match the certificate, do not continue.
  • Typically, phisher emails are not personalized, but they can be. Valid messages from your bank and e-commerce companies are personalized. When in doubt, call the company directly to see if the email is in fact from them.
  • Phishers have the ability to spoof and/or forge the https:// that you normally see on a secure Web server and a legitimate-looking Web address, which – again – is why you should always type the web address yourself instead of clicking on displayed links.
Office 365 Products
Help Protect Office 365 against targeted attacks and safegaurd sensitive information withSymantec Skeptic.
Questions?
Additional Steps for G-Suite
As a G Suite administrator, you can protect users’ incoming mail against phishing and malware and choose what action to take based on the threat.
View G-Suite Steps
Have Questions or need some help? Never hesitate to give us a call at 303.828.9882
view this email in your browser
Our mailing address is:
720 Austin Ave, Suite 202
Erie Colorado, 80516Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.Copyright © *2018* *New Media One*, All rights reserved.

 

 

Add A Comment