Have you ever received an email that does not look familiar or looks suspicious? Be wary of it, as it might be malware or any other form of cyber-attack, also commonly known as a phishing attack. If you ever come across any such email, that asks you to log in somewhere, the only logical thing to do is DO NOT LOGIN! The term ‘phishing’ comes from ‘fishing,’ only that in this case the victim is the “phish” and the hacker is the ‘phisherman’. It may (generally) ask you to allow access to an application or attachment sent in the email. And, if you follow the attacker’s instructions whether intentionally or unintentionally, you might get into serious trouble. The hacker can do anything, ranging from something less harmful like installing a simple virus in your system that handicaps certain applications, to attacking your computer with something as dangerous as ransomware. Ransomware gains access to all your files and encrypts them with a code, with the decryption key provided after a ransom has been paid.
Phishing attacks were traditionally carried out only through email in the past. But with the rapid growth in the information technology sector they can now be carried out on social media, messaging services, and other apps too. Hackers now don’t even need you to download any file, all they need is for you to access a web link that tricks you into entering sensitive info. In the modern age where data leaks such as the Equifax scandal in 2017, or the Yahoo case in 2013, people have begun to realize that the most valuable thing to own is information. This can be done as simply as Facebook asking you for it (for which they have been under severe scrutiny recently following the Cambridge Analytica issue) or through certain fake web pages, more than 14 million of which are created every month. These hackers can ask you for information as simple as your email and password, and believe it or not, they can also trick you into giving up your most sensitive financial information like your banking credentials. ALWAYS remember your bank will never ask you for any passwords or confidential information online. Make sure the website you are accessing is legit. And if you ever feel you are sharing any more information than needed, you actually are. And that is when you should realize that the website is a fraud. To stay safe from such frauds, change your password every 6 months and create strong passwords that contain at least one capital letter, a number, and a symbol.
The most effective method to protect yourself from phishing scams is keeping yourself informed about them as much as you can. You should be up to date about new ways these scams are perpetrated, as these hackers are always developing new ways to trick users. At an organizational level, your staff should be thoroughly trained about these scams, and their negative effects. Workshops where employees are put in protected sandbox environments where they can learn how to spot these scams are quite effective.
We at IT Horizons can help your organization on how you can avoid being a victim to cyber-crime. We consult you on things such as how, when, and where to backup your information, what rights to allow to computers on your organization’s server etc.
Phishing is one of the simplest to carry out attacks and has been in existence for more than two decades. People still fall victim to these attacks, even as ridiculous as they may seem, and until users of the internet become fully aware these scams will continue to exist. It can only be stopped in the future by people understanding how these scams work and what emails or links they should or should not access on the internet.
IT Horizons exists to help you stay safe from Phishing scams, and other types of cyber-crime. Contact us TODAY to learn how we can ensure your safety!