GONE PHISHING – 9 PROTECTION GUIDELINES

Posted in Good Advice, IT Tips

There is no single fool-proof way to avoid getting hooked by phishing scams.

However, there are some basic guidelines for staying safe:

  1. Never give out personal information.

Generally you should never share financially sensitive or personal information over the internet with anyone. Never use links provided in emails to provide confidential information.

  2. Think before you click.

In Outlook, turn on your reading pane, as this helps identify suspicious emails before you open them and gives you time to think before you click. It is always best to think before you click rather than click and then think. Treat links and attachments in random emails with extreme caution. Hover over links that you are unsure of to see where they lead. Never click on links in an email – always type the address directly into the address bar. If you have any doubts, delete the email immediately. If you think it might be important, check with the sender before clicking:

  • By email: Do not use “Reply-To-Sender”, as this address, along with the apparent sender, will typically have been spoofed. Instead, create a new email explicitly addressed to the “supposed” sender, manually entering the recipient’s address rather than relying on the automatic “Reply To” feature.
  • By phone: If your suspicions were correct, the person will deny having sent the email. If they confirm that they sent it, double-check the date and time with them to be absolutely sure that you’re talking about the same email.

Never respond to any spam or suspicious email as this will only serve to validate the email address, thereby increasing its resale value to potential harvesters.

  3. Regularly review your online bank accounts.

Check your bank statements and review every entry carefully to ensure that no fraudulent transactions have been made. You should also frequently change your passwords.

  4. Update your browser.

Security patches are issued regularly to close off security loopholes, so whenever an update is available, download and install it without delay.

  5. Avoid popups.

Most browsers block popups, but if you get one, click on the small “x” in the upper right-hand corner of the window rather than the cancel button.

  6. Use antivirus software.

Use a reputable brand of security software and ensure that it is always up to date and scanning regularly. Also check that your firewall is enabled and optimally configured to help protect your computer against unwanted intrusions from malicious sources on the Internet. If you use both your desktop firewall and the firewall features of your network router/modem, you can increase your immunity to threats coming in from the Internet.

  7. Site security verification.

Read all URLs from right to left. The rightmost section is the true domain. URLs that don’t employ “https” are potentially fraudulent, as are sites that begin with IP addresses. Check for the reassuring closed lock icon near the address bar. If necessary, also review the site’s security certificate. Never visit a website if you are told it may contain malicious files.
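The right-to-left reading, the “https” check and the IP address check from this guideline, as an added Python example that is not part of the original article. The sample links, the `true_domain` and `check_url` names and the short two-label suffix list are assumptions made for illustration; a real check would use the full Public Suffix List.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed, incomplete sample of two-label public suffixes (assumption).
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.nz", "co.za"}

def true_domain(host):
    """Read the host name right to left and return the domain that owns it."""
    labels = host.rstrip(".").lower().split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])

def check_url(url, expected_domain):
    """Return (true domain or None, list of warnings) for one link."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    warnings = []
    if parts.scheme != "https":
        warnings.append("not https")
    try:
        ipaddress.ip_address(host)
        # A bare IP address has no domain to compare against at all.
        warnings.append("host is an IP address")
        return None, warnings
    except ValueError:
        pass
    domain = true_domain(host)
    if domain != expected_domain.lower():
        warnings.append(f"true domain is {domain}, not {expected_domain}")
    return domain, warnings

# Constructed sample links; the site the reader expects is example.com.
SAMPLES = [
    "https://www.example.com/login",
    "http://example.com.account-verify.example.net/login",
    "https://192.0.2.10/example.com/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        domain, warnings = check_url(link, "example.com")
        print(link, "->", domain, warnings or "no warnings")
```

The second sample shows why the reading direction matters: the expected name appears at the left of the host, but the rightmost labels show that a different domain owns the link.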

  8. Educate

Ensure that all employees understand the different types of attacks they may face, the risks involved and how to deal with them. Make sure that your security policies and solutions are up-to-date and capable of adapting to new security threats as and when they arise.

  9. Pray

It might work! And if it doesn’t, you might have plenty of time for fishing.
