Let’s talk phishing: to cyber criminals, you’re the phish they’re hoping will bite … here phishy, phishy.
What’s the bait?
Most often, it’s a hyperlink in an email that takes you to a replica of a real website where you are prompted to enter your credentials and — zing, they’ve got your username and password to use as they please.
What are they after?
They want your money, your identity, or access to sensitive information. What to look out for: poor spelling, bad grammar, strange formatting, threats (“your account will be cancelled if you don’t…”), or requests for confidential information.
What can you do?
Don’t click the link. Open your browser and log in to the company’s main site or log in through their mobile app when available. If the only way to access the information is by clicking the link and you think it may be legitimate, but you really aren’t sure, call the company.
What to remember?
Question any email that tells you to follow a link and never provide sensitive information over email. Cyber criminals will often try to create panic or anxiety so that you will quickly click a link without analysing the content of the email. Your bank is not going to cancel your account and take all your money just because you missed an email. You were not randomly selected to win $100,000 (but you could call the real company just to double-check!). If you think you clicked a phishing link, change your password, monitor the account and inform the company.
Blair S. Lilford is the founder/owner of SALT Technology Group Ltd.