Cybersecurity Awareness Month, Week 2 – Phight the Phish!
Phishing – or, how to “Phight the Phish!” – is the theme for Week 2 of Cybersecurity Awareness Month. With the countless ways cybercriminals phish for potential victims, there easily could be an entire month dedicated to this cybercrime alone.
Phishing attacks use email or malicious websites to infect your machine with malware and viruses to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computers, creating vulnerabilities to use to attack. Phishing emails may appear to come from a real financial institution, e-commerce site, government agency, or any other service, company or individual. These emails may also request personal information like account numbers, passwords or Social Security numbers. When users respond with this information or click on a link, attackers use it to access users’ accounts.
We’re all familiar with the phishing scam of yesteryear – a down-and-out prince from a faraway country couldn’t access his inheritance but would happily reward you if you helped him by sharing your bank account info for a quick transfer of funds. Phishing scams also can prey on the fears of individuals during times of crisis. During the pandemic, there were reports of email advertisements offering miracle cures for COVID-19. When the economy crashed in the late 2000s, cybercriminals asked promised leads to countless job opportunities in exchange for driver’s license numbers and other pieces of personal information.
Other examples of phishing emails include:
- Claims of unauthorized transactions on your accounts.
- Requests to verify your information.
- Claims that an account was overcharged.
There are easy ways to avoid falling victim to phishing:
- Play hard to get with strangers – If you’re unsure who an email is from – even if the details appear accurate – do not respond.
- Think before you act – Many phishing emails create a sense of urgency, causing the recipient to fear their account or information is in jeopardy. Don’t act hastily – if the email appears to come from someone you know, reach out to that person via a separate secure platform to confirm.
- Protect your personal information – Spear phishing occurs when cybercriminals contact you with specific details about you, like your job title, multiple email addresses or your full name, to get you to skip normal security protocols.
- Beware of hyperlinks – Avoid clicking on hyperlinks in emails and hover over links to verify their authenticity. Ensure URLs begin with “https” – The “s” indicates encryption is enabled to protect users’ information.
- Double your login protection – Enable multifactor authentication (MFA) to ensure that the only person who has access to your account is you.
With so many phishing methods available to cybercriminals, it’s essential to protect your IT infrastructure through anti-virus software and other solutions. If you need help hardening your cybersecurity, contact 2W Tech. Our IT consultants on staff have decades of experience in cybersecurity, and we specialize in solutions for the manufacturing industry. Contact us today to learn more.