Cybersecurity Month: Phishing – Don’t Get Hooked!
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
Have you received an email with a similar message? It’s a scam called “phishing” – a phishing email can look just like it comes from a financial institution, e-commerce site, government agency or any other service or business. It involves hackers and cyber-criminals who are looking to lure personal information from unsuspecting victims. It often urges users to act quickly, to collect personal and financial information or infect your machine with malware and viruses.
How do you avoid being a victim?
- Don’t email personal or financial information. Email is NOT a secure method of transmitting personal information. Before sending sensitive information over the Internet, check the security of the website. (Look for https://)
- Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation of spelling or a different domain.
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email.
- Keep a clean machine. Install and maintain anti-virus software, firewalls, and email filters to reduce spam.
What to do if you think you are a victim?
- Forward spam that is phishing for information to firstname.lastname@example.org. Also alert the company being impersonated in the phishing email so they can be alert.
- Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
- File a report with the FBI’s Internet Crime Complaint Center. (http://www.ic3.gov)
Spam, phishing and other scams aren’t limited to just email. They’re also prevalent on social networks: When in doubt, throw it out. This rule applies to links in online ads, status updates, Tweets and other posts.