How to Protect Yourself From Phishing
Phishing involves an attacker sending a message that makes it look like it’s from someone the victim trusts, often a family member or colleague. They attempt to trick the victim into clicking a link or opening an attachment that can then download malware to their computer. This can include spyware, adware, RATs (rootkits), ransomware and viruses.
Cybercriminals use phishing to steal valuable information such as account credentials, passwords and credit card data. They then use that information for fraudulent activities or sell it on to other black hats. This is why phishing continues to be one of the most popular attacks and was behind 82% of breaches in 2022 according to the DBIR.
The most common type of phishing is an email. The attacker creates a fake email that looks like it comes from a trusted source, such as a bank or a credit card company. They also make the messages appear urgent or pressured, to fool the victim into acting quickly and without careful scrutiny.
The NCSC’s phishing guidance advises people to examine messages closely and ask questions about any requests that don’t add up. It also reminds them to note any spelling or grammatical errors that could be a giveaway that the message is not genuine. If the request is about an activity that is unusual or out of character for the sender, it’s best to contact them directly on their phone or by text to verify.