At the beginning of May, a massive phishing scam hit Gmail users. The scam came in the form of an email (from someone the Gmail user had communicated with previously) with a link to open a Google document. If a user clicks on the link to the Google doc and logs into their Google account, hackers are able to steal account information, contact, passwords and more from the account.
Luckily, Google was able to react quickly and very few users were affected by the scam. However, this is not the only phishing scam and it won’t be the last time a major platform is hit by a phishing scam. In fact, phishing scams are some of the oldest scams on the Internet but even though they are well known, they are still very effective.
Here are the top eight ways to protect yourself and your company from phishing scams:
1. Be cautious with emails that request personal information
Your bank, healthcare provider, the IRS and credit card company will not ask for personal information via email. Also, companies like Facebook or Gmail will not ask for passwords in emails. Do not click on any links or download attachments that request your personal information.
2. If you are unsure, call the company
If you receive an email and are truly unsure whether or not the request is legitimate, call the company that is supposedly sending the email. If you can’t call the company (like Facebook), then log on to their website and use their Help feature to learn if the request is legitimate.
3. Know how to identify a fake email
Most of us are in a hurry or multitasking when we are checking our email. Hackers know this and they are very good at creating emails that look very professional or similar to the real email addresses. But if you look closely, you will almost see a type or contact address that is off so take the time to pay attention to the sender before you open or click a link.
4. Be wary with links within email
Unless you are completely certain that the email is from a trusted source, be cautious about links in email. Instead of clicking a link, open new browser and type the URL directly into the address bar. Phishing links are usually masked as legitimate links but then can redirect you to a different site
5. Keep your browser up to date
Popular browsers often update to include the latest security patch. Browsers are constantly observing phishing scams and vulnerabilities and updating to protect their users against these new scams. If you haven’t updated your browser, even if you are getting a reminder, now might be the time.
6. Create a SPAM filter for your emails
SPAM filters can help protect against viruses or blank senders so that suspicious emails never even reach your inbox.
7. Use pop-up blockers
Not all phishing attacks happen through emails. Many hackers use pop-ups as the source of phishing scams. Pop-up blockers can help protect you from unwanted pop-ups when you are browsing.
8. Check your accounts on a regular basis
Most phishing scams are aimed at obtaining financial account information. Be certain that you are regularly checking your accounts for any suspicious behavior.
The most important piece of advice against phishing attacks is to remain alert. Even though many of these scams seems simplistic and are easy to spot, many of them are quite sophisticated. Stay alert when checking your emails from anyone and train your team to do the same and you can decrease the threat of phishing attack.