We are our worst nightmare! The fact remains that humans are the biggest threat to cybersecurity. For that reason, here are some of the most effective ways to protect yourself against phishing scams that are sent to you through email and your phone.
Twitter Phishing Scams Are On The Rise
Twitter HQ raised a red flag when a number of celebrity accounts started promoting bitcoin donations. It was later known as the biggest Bitcoin scam on Twitter. It happened on a Friday, last month.
Twitter announced by the end of the month that some of its employees had fallen victim to the hackers. As a result, they provided hackers access to some high profile accounts.
The hacker was later arrested and charged with 30 felonies. He was only a teenager living in the state of Florida. The teen hacker tapped the usernames and passwords on Twitter’s internal system.
The high-profile accounts hacked were Bill Gates, Elon Musk, and Joe Biden, the presumptive Democratic presidential aspirant.
So, how can you protect yourself against hackers?
In perspective, what happened on Twitter was an example of spear-phishing. It’s a hacking technique that convinces victims to provide login credentials. Other times, it could be to download malicious software.
Twitter added that the attack focuses on employee’s phones. This means that hackers could trick users through phone calls and text messages. Spear-phishing can take place through emails.
These attacks were paired with an urgent message. Along with a piece of almost valid information. Meaning, it’s specifically made for you. For example, the message is tailored as it came from your tax return.
Scams like these could be very hard to avoid. That’s because they are tailored to negate every red flag. Remember, these messages are urgent and almost credible.
Despite the precautions put in place, a lot of people still fall for these kinds of tricks. Another known spear-phishing trick is through downloading malicious software. This is known as Ransomware.
This method threatens the victim to publish their sensitive data. Sometimes, they will block access to it unless you pay them a hefty amount. You can avoid falling into these scams by following these steps.
How To Protect Yourself From Phishing Attacks
Knowing the basic signs of phishing scams is your number one defense against it. As I mentioned earlier, phishing scams can take place through a lot of ways, from the text, phone, visiting malicious websites, emails, downloading a file, and handing over your login credentials.
This trick often succeeds in emails because people will just click on links. Oftentimes, you tent to download any file while working in the office. Hackers understand this very well. That’s why they were able to take advantage of it.
Pause Before You Click
These are some of the things you need to check before you click a link or download a file:
- Check where it came from. Analyze the sender’s name and business. Make sure that it’s spelled correctly and everything matches—for example, Microsoft.net and Microsoft.co. Also, you need to check for random characters in the email address.
- Hover your mouse pointer to the links in the email. This will allow you to see their true URL. If they don’t look legit, don’t click!
- Check the greeting. Is it addressed specifically for you? Or the sender addresses you as “Customer” or “Sir.” These are the red flags you need to be aware of.
- Read the email closely. Is it free from grammatical errors? Don’t forget to check the spelling.
- Listen to the tone of the message. Does it sound very urgent? Does it force you to do something you would not normally do?
Watch out for the advanced phishing emails that use the same techniques
There are advanced emails that could pass the red flags we’ve mentioned above. Some spear-phishing emails would sometimes include your sensitive information. Or it might include a very polished language that is tailored especially for you.
These types of emails are much harder to notice. And there also targeted phone calls. You’ll receive a call where the person on the other side of the line will try to manipulate you into handing over your sensitive information. Sometimes, they will try to trick you into visiting a malicious website.
Add Another Layer Of Protection By Setting Up Google’s Two-Step Verification
While spear-phishing scams can be tricky, there is another way to add another layer of protection to your email. That is Google’s two-step verification. However, there is only one thing you should never forget. “Never give them your PASSWORD.”
No matter which method they use; phone, email, text, etc. NEVER GIVE YOUR PASSWORD. It’s also good to avoid following a link from your email to a website where you will be required to enter your password.
Remember that even banks, social media, and legit email providers wouldn’t ask for your password. Let alone, over the phone or thru email. We strongly recommend that you go to the company’s official website and log in from there.
You can call their customer service to confirm if the request is legit. It’s a common practice for financial institutions to send a secure message through a separate inbox. You can only access this after you’ve logged into their website.
Call The Sender
Have you received something that requires you to download a file? Maybe asking you to reset your password? Or requesting money from your company’s accounts? If so, no matter how “important or urgent” it may sound, call them for confirmation.
You can even call the IRS if the message allegedly came from them. The same goes for phone calls. Tell the caller you need to hang up and let them call you from the company’s customer service hotline.
Remember, phishing scams will always make the request seem very urgent. This is because they don’t want to give you enough time to double-check the request. However, keep in mind that you’re on the advantage if you take your time.
Always remember to verify the request. Otherwise, this will cost you and your company a lot to lose. It can even damage your reputation.
Be Careful About Posting Your Personal Information
Hackers need to know you to succeed. Your profile and job title are good indications of how valuable you are. Other times, hackers need to access information about you through data breaches.
We suggest that you try to avoid such things. That’s because they can use it as leverage. Try to set your social media accounts to private. Also, don’t try to post every detail of your life on Twitter.
Enable the two-factor verification on all of your accounts. This will work for both private and business-related accounts. Again, this is another layer of protection.
Following these steps will protect you from falling victim to spear-phishing scams. This is also effective against Coronavirus scams and even tax scams. These steps can also protect you from malware and ransomware attacks.