You’ve probably seen the headlines. Fake celebrity death news is the new clickbait of the week, the latest one being George Michael. You have probably seen it in ads on certain websites, your emails, it’s everywhere. The newest clickbait in the lake of phishing is fake celebrity death news as well as a PDF File that reads, “Assessment document” and the body contains a single PDF attachment that claims to be locked. A message reads: “PDF Secure File UNLOCK to Access File Content. Research shows that 30% of phishing emails get opened each month. Are you aware enough to know the difference between real and fake?
What is Phishing?
Essentially, phishing is an attempt to obtain private or other sensitive data – e.g. login credentials, payment card information, etc. – from an unsuspecting victim. There are mass phishing attacks, in which hackers send out massive volumes of emails hoping that they’ll get some clicks. And then there are spear phishing attacks, in which hackers target a specific organization and/or its employees. For example, the phony email contains familiar information, such as a name, job title or other recognizable content. Sometimes, spear phishing attacks can be augmented by voice (a.k.a. “phone phishing”). A campaign in 2013 involved hackers calling employees ahead of time, and telling them to process an invoice that they would soon receive in email.
Tips to avoid the Phishermen.
Be alert for spam messages
Do not reply to emails that request financial information, even if it appears to be from a trusted source. Do not reply to emails from unrecognized senders. Do not open any links in suspicious emails, instant messages, or chat-room messages.
Only communicate personal information over the phone or through a secure website
Secure websites are indicated by a lock on the browser’s status bar or the prefix “Https://” instead of Http://. It is safe to give personal information on the phone only if you initiate the call to a secure phone number. For example, it is best to call a number located on your bank statement rather than a number that you were asked to call in an email
Never use email to share personal information
Even if you know the recipient of an email, unauthorized individuals may be able to gain access to your or the recipient’s email account. Individuals with advanced technical skills can intercept your email.
Avoid using email on public computers
Information from an email is temporarily stored on a computer’s local disk and can be retrieved by another user if it is not properly deleted.
Use security programs to protect your computer
Use a spam filter, anti-spyware program, anti-virus program, and a firewall. These can be obtained from a software retailer or on the Internet.