How to Protect Yourself From Phishing
Phishing involves an attacker using social engineering tricks to trick you into clicking malicious links, giving away sensitive information or revealing login credentials. It is conducted over electronic communications, like email or instant message, and targets individuals as well as organizations. It can lead to identity or financial theft, and can also be used for data breach and corporate espionage.
Cybercriminals can target you through a variety of mediums, including email, website, phone, text messages, and even Wi-Fi. The most common phishing attacks involve fake urgent requests for information, like saying your credit card account will be frozen or an online purchase cannot ship because of a billing issue. Others might say your relative needs bail money or help with an immigration issue in a foreign country. Regardless of the medium, phishing attacks are often disguised as emails from trusted organizations you do business with, like PayPal or Apple.
Attackers are very patient with their victims, building trust and a rapport before asking you to click a link or open an attachment. This allows them to steal your sensitive information, which they then use in a variety of ways. They might send you a follow-up email, and may wait for days before sending you a malicious link or attachment.
It’s important to remember that no organization will ever ask you to provide your password or other personal information in an unsolicited email or phone call. It’s also a good idea to review your email filters to ensure the latest security updates are in place.