Eight Ways to Proactively Protect Against Phishing

Phishing—not to be confused with fishing—is an attempt, via fake emails, to fraudulently obtain sensitive information from a victim. Usually the message is disguised as a legitimate request for usernames, passwords, or banking information in order to deceive the recipient.

Over the last few years, we’ve gotten better at spotting and weeding out these types of emails. Con artists, however, have also improved their skills, making it harder to decipher what’s legitimate and what’s not. But no matter how clever they get, there are still tried and true methods to protect against these types of scams—here’s a look at eight of them.

Use strong, unique passwords
In addition to having strong passwords that are unique for each site you use, make sure you never share them via emails or web forms. Emails can be hacked, and legitimate organizations should not be requesting your account passwords.

Don’t blindly follow password reset links
Be skeptical of emails that send you a link to reset a password. Even if you forgot a password and requested the change, you should still hover over the link to make sure it’s actually going to the correct site.

Be cautious of unexpected emails
If you’re not expecting an email, or it seems too good to be true, be cautious. You probably don’t know the Nigerian Prince. And if you haven't played the lottery, you are definitely not a winner. 

Watch out for generic looking emails
For example, if the opening salutation is sir, madam, customer, or patient, and there is no formal signature at the bottom, it’s probably not legitimate. When you do business with an organization, they should know who you are and be able to personalize your emails. It’s also safe to say that the majority of companies today have marketing and design teams who make sure that legitimate email communications are branded appropriately.

Pay attention to spelling and grammar errors
Scammers don’t typically draft communications with the same amount of care as a real business. And because they play on your fears, they’re hoping that if they make the message seem urgent enough, you won’t notice any errors.

Hover over links before clicking them 
When you hover over a link, a small display will pop-up to show you the URL you’re being directed to. If you don’t recognize the destination link, or it doesn't make sense, don’t click on it.

Don’t open attachments
This is especially true if you weren’t expecting them and don’t recognize the sender. Sometimes what you think is a simple document, video, or image file, is really a virus that begins to infect your computer once opened.

Just delete
When in doubt, ignore and delete the email.

Following these tips will help reduce your chances of becoming a victim, but can’t guarantee you won't get scammed online.

If you find that you’ve fallen for a scam, there are plenty of resources out there to assist you as you recover. You can visit stop.think.connect.org* for additional insight into protecting yourself online and reporting cybercrime.  

*Please note: Stop. Think. Connect is an initiative powered by the National Cyber Security Alliance. The reference to their site is not an endorsement of all available content and listed resources. We encourage you to always do your research before signing up or subscribing for anything.