You do not know to click on links in fragmentary emails. Everyone is doing it now. And yet people fall in love Phishing attacks all the time. And that’s the whole problem. If phishing didn’t work, attackers would have long since abandoned it. Instead, it’s everywhere. Coronavirus phishing scams quickly appeared around the world in January 2020, shortly after the start of pandemic lockdowns in China. And the technique is a perennial favorite of criminal crooks and nation state pirates look alike.
Phishing scams work by tricking you into clicking on a link or attachment that infects your computer with malware or takes you to a page that looks completely legitimate, but isn’t. Instead, it tries to steal your private information. According to According to the Anti-Phishing Task Force, around 200,000 new phishing sites appear each month and campaigns impersonate more than 500 different brands and entities per month. The FBI’s Internet Crime Complaint Center found that US-based phishing victims lost nearly $ 58 million in 2019 alone.
In one recent study of more than a billion phishing and malware-related emails, researchers at Google and Stanford University have found that certain factors put people at a higher risk of receiving emails from phishing. One is just your location. Looking at aggregate data from Gmail, researchers found that users in the United States are the primary target of email attacks by volume, resisting 42% of these attacks. But users in Australia, which is far less populated, are twice as likely to receive a phishing attack as those in the United States. The study also found that users aged 55 to 64 were 1.64 times more likely to have a stroke than those aged 18 to 24. The study also found that if your personal information was exposed in a data breach, you are five times more likely to experience phishing attempts and malware attacks.
But you are smart. You can increase your chances of avoiding phishing scams if you follow these four steps and most importantly remember that when it comes to your email, you really can’t trust anything.
Always, always think twice before you click
“At the heart of phishing is a scam,” says Aaron Higbee, chief technical officer of phishing research and defense company Cofense. “People who send phishing email have to be smart email marketers to get a user to engage.” Often times, they do this by preying on your emotions.
That’s why the most important thing experts recommend is to listen to your gut feelings. When something goes wrong, it probably is. But since the whole point of phishing (and its more personalized and targeted counterpart, spear-phishing) is to get you to do something without sounding the alarm, you need to be skeptical even when things look good. You should generally be reluctant to download attachments and click on links no matter how harmless they appear or who appears to have sent them.
“We’re conditioned to try to help people and be nice. You don’t want to sound rude or defensive,” says Trevor Hawthorn, chief technology officer at Wombat Security, who works on phishing and security awareness. . “But one of the most important things people can do is when you ask them something, when there is some kind of call to action, think about the context of what the sender is asking you to do. . If there’s a sense of urgency, it’s when I’m a smart skeptic and slow down. “
It takes practice. Wombat has found that when people participate in consistent anti-phishing training, say once a month, they are better at avoiding phishing links than when they haven’t taken a course for a few months. Your job might not have a phishing prevention program, but you can still work to stay alert and skeptical. It’s easier said than done, but keeping this attitude in mind can only help.
Consider the source
Phishers will always try to make it look like their messages are from a legitimate entity, mimic the appearance of a familiar Amazon account recovery email, or masquerading as a new national service. Covid-19 test.