Did you get lured into a phishing scam? Don’t panic! Let’s discuss what to look for and how to fix it if you took the bait.
What To Look For
Phishing attacks trick the recipient into revealing financial information, system login credentials, or other sensitive information. You may receive an email, text message, phone call, or another form of communication. Essentially, hackers use a variety of ways to get information. Here are the details for phishing scams:
- Email phishing - an email scam used to steal money or launch other attacks usually sent to thousands of victims.
- Spear phishing - a highly personalized attack designed to deceive an individual or organization into revealing sensitive information.
- Quishing - phishing using a QR Code instead of a URL.
- Smishing - phishing via text message.
- Vishing- the fraudulent practice of making phone calls or leaving voice messages claiming to be from reputable companies to coax individuals to reveal personal information, such as bank details and credit card numbers.
- Clone phishing - an attacker creates a replica of an actual message sent between an employer and employee in hopes of tricking the victim into thinking it’s real. The message resembles the address of the legitimate sender along with the body of text which matches a prior message in terms of style and substance.
- Whaling-highly targeted phishing attack aimed at senior executives attempting to initiate a wire transfer of funds.
How to Fix the Issue
While you may have heard of these scams, attackers continually evolve and become sneakier. Here are post-click actions you can do to protect yourself:
- Change your passwords immediately and create passwords that are 25 characters long. Many times, an autogenerated password is the best. Use different passwords for each account.
- Use a password manager for your passwords. You can store your passwords in places like 1Password, RoboForm, or Keeper.
- Use antimalware software to perform a primary check for malicious code.
- Use multi-factor authentication (MFA). Once you sign into an account, you receive a text message on your phone with a one-time code that needs to be entered to access the account.
Remember to stay vigilant and keep those cyber sharks at bay!