Have you ever been worried that you may become a victim of a phishing scam?
There has been several incidents of cyber criminals exploiting the COVID-19 pandemic recently, so listed below is some information and ideas of how to prevent this!
Common phishing techniques;
- Malicious files – In most cases, cyber criminals send out an email which often come from what appears to be a trustworthy sender informing you about COVID-19 or something of importance, this then persuades the victim to open an attachment or download a malicious file from a linked website.
Cyber criminals are also trying to exploit the communication platforms which are being used more frequently. This means that platforms such as Zoom and Microsoft Teams can be targeted by phishers, they can approach this by attaching malicious files onto emails asking an individual to join said communications platform which is indeed turns out to be a scam.
- Phishing emails – Another way that cyber criminals use phishing is to steal user credentials. These emails can include COVID-19 social engineering techniques, along with urgent language, to enhance the lure of clicking onto a link that may result in a security breach.
- Pop-ups – Phishers hope that employees will open pop-up windows that could have viruses and malware embedded in them, leading to them being able to infiltrate your organisation’s network.
Ways to prevent receiving a phishing scam;
Think before you click
- If you receive an email which seems legitimate, hover over links that you are unsure of before clicking on them. Do they lead where they are supposed to lead? When in doubt, go directly to the source rather than clicking a potentially dangerous link.
- When visiting a website, look for the padlock symbol in the top left corner of the address bar, if the browser says that the connection is not secure or the certificate is invalid then it is best to not visit that website. As a test you can go here – https://expired.badssl.com/ , this is a safe website but gives you an example of an expired certificate.
Don’t enforce regular password expiry
- Changing your passwords regularly can actually harm your security rather than improve it! For example, if an attacker has access to your account they will also receive the request to reset the password, meaning they can in fact create a new password and lock you out of your account!
- By using Multi-Factor Authentication (MFA), you can reduce the risk of your account being compromised. MFA adds a layer of security which sends a numeric code to your smartphone or device anytime you (or anyone else) tries to log in to your account, preventing someone external logging into your account without the code.
Keep your browser up to date
- Security patches are released for popular browsers all the time. They are released in response to the security loopholes that phishers and other hackers inevitably discover and exploit.
- High-quality firewalls act as buffers between you, your computer and outside intruders. This can drastically reduce the odds of hackers and phishers infiltrating your computer or your network.
Be cautious of pop-ups
- Pop-up windows often masquerade as legitimate components of a website, but often they are phishing attempts. Many popular browsers allow you to block pop-ups, you can allow them on a case-by-case basis.
Do not give out personal information
- As a general rule, you should never share personal or financially sensitive information over the Internet. When in doubt, go visit the main website of the company in question, get their number and give them a call. Most of the phishing emails will direct you to pages where entries for financial or personal information are required.
Use Antivirus software
- Make sure to keep your antivirus software up to date as this acts as a guard against files coming through the internet to your computer, this prevents any damage to your system. Firewall protection also work as a cyber guard, this prevents access to malicious files by blocking the attacks.
If you would like to find out more on how to keep your desktop protected, please contact us on email@example.com
Don’t miss out of our limited time offer, free cyber security consultation! Fill out the form below to find out more