Category: Phishing



How to Protect Yourself Against Phishing
Amit Doshi

How to Protect Yourself Against Phishing

Phishing has been one of the most popular cyber threats that companies and individuals had to deal with in the last couple of years. According to a 2019 study by Security Intelligence, attackers used phishing as the entry point for over a third of cyber-attacks carried out during that year.

Most of these phishing attacks are made through emails, social media, and other platforms on which many people spend most of their time. If you would like to learn more about phishing and how you can protect yourself against it, this article is for you. We will first discuss some of the basics of phishing and then dive into the details of how to protect yourself against this cyber threat that has become pretty popular in recent years.

This article is also for cybersecurity professionals, including network jobs, data security, and information security professionals. The information we are about to share could help you improve how you can protect users in your company from being the next victims of phishing.

What is phishing?

Phishing is a social engineering attack where the cyber-criminal sends fraudulent messages designed to trick the victim into sharing sensitive information about themselves, including login credentials, payment information, etc. In 2021 cyber security studies showed that over >96% of phishing emerged from emails.

Anyone using the internet today can be a victim, no matter what device you are using.Unlike malware that mainly targets desktop computers, phishing attacks target mainly mobile devices since most people use smartphones and tablets to access the internet. The bad news about this cyber threat is that you can’t use software to protect yourself. It is the knowledge you have about it that will save you from being the next victim.

So, if you are a cyber security professional, you need to take time and educate users under your docket on the basics of phishing and how they can protect themselves against this attack. Education about this cyber threat should also be done continuously because attackers are constantly creating new strategies for compromising the next victims.

Now that we know some basics about phishing let’s discuss how you can protect yourself from it.

Protecting yourself from phishing

1. Don’t click links in emails you don’t know.

As we have earlier discussed, most of the phishing emerged from email. So, when you get an email from a user you don’t know, don’t be tempted to click the links they ask you to click before knowing why they are making that request. If someone sends you a suspicious email that contains links, simply neglect or delete it from your inbox altogether.

If you badly want to check out a link from a suspicious email, first check whether it is safe to use any of these platforms. These link safety checking platforms will help you scan the link to find out if it is secure.

2. Don’t share personal information with anyone.

One of the best ways to avoid being a victim of phishing is not sharing your personal information, including login credentials or payment details, with anyone, whether you know them or not. When you have this rule of not sharing your personal information, it will be more natural for you not to share it even when an attacker tricks you into doing so.

3. Be careful with whom you share your email.

The web has millions of websites, and most of them will always request you to share your email whenever you visit them. However, if you don’t trust the website, don’t be tempted to share your email with them. Some of these sites sell user information such as emails and credit data details to the dark web as a way to generate income.

You may also use “Hide my email” services like the one Apple offers in its latest version of macOS, iPadOS, and macOS. If you are using an Android or Windows device, you may use other platforms like 1Password; they also have this “Masked email” feature that will hide your email while signing up on websites you don’t trust.

With this feature, your actual email is replaced with a random email that is connected to the servers of the service provider. So, if you choose to block emails from a particular website that you find suspicious, they will no longer be able to send you messages even when they try using another emails address to do so.

4. Do not open attachments you don’t trust.

If someone you don’t know sends an attachment to your inbox on your email or social media, first confirm who they are before you open it. Attackers use this trick to attach pieces of code that will automatically start harvesting your data as soon as you open it on your pc or mobile device.

But even if the person you know sends an attachment you don’t expect, contact them to confirm that this attachment was sent by them. Usually, when an attacker compromises one person, they tend to use their account to send emails with links and attachments to most of the victim’s friends to get the chance of compromising their accounts as well.

To be safe, set yourself a rule of not opening any attachment if you do not expect to receive it, even if it is from people you know.

Conclusion

Despite being a pretty popular cyberthreat, phishing is one of the easiest threats to deal with if you know exactly what to do. Attackers are always coming up with new ways of tricking users into clicking data harvesting links and opening unsafe attachments. However, if you set yourself rules of not opening links or attachments from people you don’t know, you will save yourself from being a victim of these phishing attacks.

If you are into cyber security or trying to pursue a career in this field, it is important always to stay updated on all the latest phishing strategies that attackers are coming up with. You should then share this information with the people you are in charge of to save them from being the next victims.

by Editorial Staff

If you enjoyed reading today’s article please subscribe here.

Read more