Phishing is defined as the “fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.” However, phishing can also come in the form of text messages and phone calls or cleverly disguised websites.
Scammers use phishing to convince you to give them usernames, passwords, bank account information, or even your social security number. Many cybercriminals are looking for a fast cash turnaround for their efforts, and once you enter your information into a web form, or click a link in an email, you are vulnerable to identity theft and financial losses.
What You Can Do To Protect Yourself
-
Use Security Software
Purchase antivirus and anti-malware software that covers all of your computers and, if applicable, your mobile devices. Not every software has an accompanying smartphone app, but if you want maximum security, look into a software that does. Many PCs come with anti-malware installed already, but you can always upgrade to a better service, or if your PC doesn’t have it already, purchase software that best meets your security needs.
-
Turn on Automatic Updates
If you’re reporting a phishing email, make sure that you forward the actual email and don’t send it as an attachment. The original email might contain vital tracking information that can help find the cyber criminal at fault. Device with the latest protection against hackers.
-
Use Multi-Factor Authentication
Multi-factor authentication is a tiered security measure that requires you to approve each new login attempt. You cannot log into an account without first validating the sign-in attempt on another device that you own. This means that hackers also cannot sign in to your account without your approval. Multi-factor authentication is significantly harder for many hackers to work around, giving you increased security.
What You Can Do If You’ve Been Phished
-
Antivirus Scan
An antivirus scan can help you detect whether your PC is compromised after a phishing attack. Install a reputable antivirus and anti-malware software that protects your PC from hackers and scammers and also performs regular scans to determine whether you’re already compromised. Unfortunately, no antivirus or anti-malware software is 100% effective, which is why you should set up repetitive scans and always scan your computer after a phishing attempt.
-
Password Update
If you accidentally fall for a phishing scam, immediately go through and change your passwords. Unfortunately, many people use the same or similar password for multiple sites, making it extremely easy for scammers to take advantage of you.
Choose a unique and long password that includes numbers, symbols, capital letters, and lower-case letters. Make it a different password for every website. If you struggle to remember your passwords, even when they’re easy, download a quality password keeping app for your phone and PC. Apps like Dashlane, LastPass, and Norton Life Lock have both paid and free versions and are highly reliable.
-
Report the Scam
You can forward all phishing emails and texts to the Anti-Phishing Working Group. Forward emails to reportphishing@apwg.org and forward texts to 7726. You can also report the suspicious email or text directly to the FTC at ftc.gov/complaint.
If you’re reporting a phishing email, make sure that you forward the actual email and don’t send it as an attachment. The original email might contain vital tracking information that can help find the cybercriminal at fault.
-
Freeze Your Credit
If you’re worried about identity theft, especially after you fall prey to phishing, you can freeze your credit with all three credit bureaus: Experian, Transunion, and Equifax. If you plan to freeze your credit, do it sooner rather than later. It only takes a couple of minutes for a scammer to fill out a credit application in your name, which can cost you hundreds or thousands of dollars. Most scammers want fast money, so don’t make it easy for them.
When you freeze your credit, it is nearly impossible for a scammer to take out a new credit account with your information. They typically need to unfreeze your credit with one or more credit bureaus before they can do anything. Unfreezing your credit requires access to your PIN or username and password with the bureaus, which is why you mustn’t use the same username and password with every website.
-
Monitor Your Accounts
After you are phished, monitor all your accounts, even the accounts that weren’t initially exposed in the attack. A phishing attack that gets hold of your Instagram password can try using that password for Facebook to get money from your friends, your email account for similar reasons, or even your bank account, which gives them direct access to your money.
Before the scam gets to the point where you or your friends are losing money, change your passwords.
Topics: cybersecurity, phishing, scam, privacy