Christmas is just around the corner and so – unfortunately – is probably a nasty attack of phishing, which brings us to how to protect against phishing. Jan Oetjen takes us phishing, but with the odd interruption
With each UK citizen spending an average of £330 on Christmas presents each year and an estimated 19% of annual sales
Or to put it another way, how can you
Know Fraud, No Fraud
What is phishing? The word ‘phishing’ was invented as a homophone of ‘fishing’ as it involves creating a bait to lure victims. Typically it involves an email; although sometimes a telephone call – called Vishing – or a text – called Smishing. (And wanting less jargon is called wishing-Ed) which purportedly comes from a trustworthy source such as a bank, payment processor or retailer or even a colleague or friend (who has unknowingly been hacked). These emails are often credible enough to deceive the recipient into clicking on a link which could then release malware – viruses, worms, Trojans or bots – onto the recipient’s computer or take the victim to a fake website. Which leads us to: how to protect against phishing.
Tip 1: How to protect against phishing. Never, ever follow suspect links
There is no 100% guaranteed way to detect phishing but, if there is the slightest suspicion that the email may be fraudulent, do not click on any links it contains. Always enter the sender’s website address (not the link in the email) directly into your browser.
Tip 2: How to protect against phishing. Check out the sender
Be warned if the part after the ‘at’ sign @ in an email address doesn’t match the purported sender; for example, if ‘PayPal’ sends you an email from firstname.lastname@example.org or the URL is misspelled as www.paypa1.com or something similar. This is a (fake) website owned by a cybersquatter. Some of the most well-known companies in the world have website impersonators including Facebook, Google, DropBox and PayPal
Tip 3: How to protect against phishing. Don’t give in to emotional blackmail
Tip 4: How to protect against phishing. Banks never want to know this
There are some things that your bank will never ever ask you. They don’t want your passwords or PINs to be sent by e-mail or text; they don’t want you to
Tip 5: How to protect against phishing. Beware of opening attachments
If attachments with unknown file extensions (or PDF files) suddenly appear as an e-mail attachment, it is a clear indication that something is wrong – especially if you haven’t had any previous dealings with the sender.
Tip 6: How to protect against phishing. Personal salutation
Most companies address their customers by name. But if the name is missing,
Tip 7: How to protect against phishing. Trust is good but control is better
By regularly checking your bank statements, you can mitigate any potentially serious consequences of a phishing attack. Any suspicious or unknown transactions should be reported directly to the bank or credit card company immediately.
Tip 8: How to protect against phishing. Keep yourself up-to-date on current scams
Take the time to read up regularly on ways to protect your digital safety. If you hear that a service provider has been hacked, be sure to follow their instructions and change your password.
Tip 9: How to protect against phishing. Only use secure websites
When conducting online transactions, go directly to the website. If the special offer is genuine, it will be available on the website. Look for a sign that the site is secure, such as a white padlock icon on the browser’s status bar or
Tip 10: Protect your computer with a firewall, spam filters, anti-virus
Do some research to ensure you are getting the most up-to-date software, and update them all regularly to ensure that you are blocking new viruses and spyware.
Tip 11: Click in haste, repent at leisure
Many phishing e-mails put pressure on you to act quickly or else, they threaten, something bad will happen or you will miss out on something very important. A ‘bank‘ might warn you that your account will be closed unless you act
Tip 12: Genuine messages don’t make threats
Although most phishing scams involve trying to trick or persuade people into handing over sensitive information, some fraudsters use fear and intimidation to scare their victims. For example, threatening to send embarrassing videos or photos to contacts unless a ransom is paid. Try not to react immediately to an email take a few minutes to calm down and think rationally. Why would this person be emailing you, specifically about this, all of a sudden?
The JDLR rule
Few people fall for the ‘Nigerian Prince offering untold riches‘ scam any more, but criminals are now able to put together professional-looking messages and web pages which can trick even the most discerning person into giving away personal information when they are tired, busy or stressed. Check your privacy settings on popular social networks to restrict how much personal information you are making public and above all, follow the JDLR rule. If it ‘Just Doesn’t Look Right‘, then it probably isn’t.
- Source: Information Age