October 4, 2018
Cybersecurity Tips: Protecting Yourself Against Phishing Attacks .
On the blog, we discussed the recent number porting scam and how you can protect yourself.
Today, in honor of Cybersecurity Month, we’re talking about one of the original cyber scams, phishing.
What is phishing? Phishing scams began in the 1990’s and have become one of the most common forms of cyberattacks. They are defined by a cybercriminal masquerading as an entity or person you might trust—a friend, your bank, the IRS, your health insurance provider or a company that you have a social media or email account with, for example—in hopes of gaining access to your accounts, systems and/or personally identifiable information.
Phishers may try to trick you into opening an email/message/text or clicking on a link that installs malware on your device to provide them with the access they seek. Or they may contact you via a phone call, text, email, social media message, etc. to try to get you to provide your information.
They are typically seeking your credit card number, bank account, Social Security Number, account password or other personally identifiable information that may allow them to steal your identity, access your accounts for financial/social/political gain or otherwise extort you.
How can you protect yourself against phishing?
- Before opening a message or clicking on a link, take time to make sure it looks legitimate.
- Don’t download attachments from unknown senders.
- Don’t interact with messages that say they are from someone you know, but don’t sound like them, especially if they include strange links or attachments.
- Never give out your passwords, credit card info, bank account details, SSN, driver’s license number, etc. to anyone who solicits you for it without taking proper steps to verify their identity.
- Set up complex passwords on your accounts. Don’t use the same password across all accounts.
What should you do if you think someone is phishing? End the conversation, don’t click on anything and don’t provide any information about yourself.
But if you’re worried that the request you received might be real, go to the source. For example, if you receive an email that looks like it’s from your bank and it asks you for your SSN, be wary. Don’t use any contact information provided in the email to verify the request. Instead look up the bank’s contact information yourself—by going to their website, referencing a business card or even stopping by your nearest branch—to follow up on the request.
For more information about how to protect your information, see CTIA’s Protecting Your Data on Your Mobile Device tips.