What is Phishing and How Can it Be Avoided?

network auditPhishing is a form of hacking by which a person or program masked as a trusted source tries to gain personal data such as usernames, passwords, credit card information and at times, money.

The most common method of phishing is through emails, although identity thieves often use phone calls, instant messaging, social media, and malware programs installed through links or attachments that are unwittingly clicked on.

How to avoid phishing scams:

  • Install and use antivirus software and a firewall.
  • Never open unsolicited emails.
  • If you are asked to give any sensitive information (list below) through email, instant message or by phone do not reply or click links in the message.
  • Never give financial or personal information through email or over the phone, no reputable company will ask for this kind of information.
  • If you receive an unusual email from a colleague or family member that seems out of character in some way, do not click on any links in the email before confirming that it is legitimate.
  • Be very careful about which links you click from an email. A link that looks like it leads to a valid website could in fact, point you to an imposter site designed to acquire personal information or even download malware on your computer.
  • When opening email attachments, do so cautiously, even if it seems to come from someone you know. If in doubt, scan the file using antivirus software before opening.
  • When checking the status of an account, always call a published telephone number and talk to a real person.
  • Enter Your Sensitive Data in Secure Websites Only – In order for a site to be ‘safe’, it must begin with ‘https://’ and your browser will show an icon of a closed lock.
  • Never enter personal information into a pop-up window, because the security of the window cannot be confirmed.

Target information:

  • Date of Birth
  • Address
  • User IDs
  • Passwords, access codes and PINs
  • Mother’s maiden name
  • Pet’s name or other common password retrieval questions

The weakest link in online security is people; and the security of any home, business or organisation is as strong as its weakest link. Take extra time to educate yourself and others connected to you to avoid becoming a victim.