With the contemporary safeguards of privatized information security, we are living in a relative digital haven. Automated firewalls create an atmosphere for users that are safer than ever before. No longer are the days of the infinite pop-up cascade, now we have to deal with a new, simpler, more devious threat. One that preys on our sense of safety and trust in our sources. The phishing attack. 

In brief, phishing is defined as  

“…a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.”

Phishing.org

Phishing is a threat to your cyber security and should be taken seriously. Even the most vigilant can be fooled from time to time but if you are aware of the common signs, you can train yourself to be wary. 

Some things to watch out for:

  • Unusual Senders- Avoid emails from unknown individuals or organizations.
  • Out-of-character senders- Avoid emails from people you do know that seem suspicious. It is always worth calling someone up and verifying they were actually the ones that sent it, it is very easy to spoof an email. 
  • Unexpected attachments- if you get an email with an attachment, this can be a bundle of viruses waiting for you to unleash them. Do not open any unexpected attachments. 
  • Sense of urgency- often times, phishers will try to create a sense of panic such as overdue notices or account closing/suspension. This can dull your senses and make you vulnerable to divulging your information. 
  • Hyperlinks- double check that any links you are sent go to where you expect them to. Often times you can hover your mouse over the link and see what it directs to, if the destination doesn’t match what you were expecting, do not click on it. 
  • Too good to be true- sometimes these emails will give lofty claims and exciting offers, these are often accompanied with that sense of urgency trying to get you to include your information.

Two very common trends you should also know are:

  1. Banks and most organizations know about phishing attacks and will never ask you to reveal any personal information like that when contacting you. If you are unsure, call the bank/organization with their publicly listed phone number and verify that the message is legitimate. 
  2. Organizations should never tell you to change your password and then give you a link to where you can change it. If your password needs to be changed and they let you know, often times legitimate messages will tell you to login to your account and change it. 

Even though this article covers e-mail phishing, the principles can apply to phone calls and text messages as well. A good rule of thumb is, if it feels suspicious go ahead and ignore or delete it. 


For questions or more cyber security tips, email us at support@aurealtechs.com.