Most people who know me understand that I am essentially the opposite of an "outdoorsman." It just wasn't how I was raised, unfortunately. I do know IT security though especially when it relates to social engineering. "Phishing" refers to the practice of a spammer trying to trick you into clicking on something in an email that you shouldn't.
The holiday times are approaching. In the IT world that equates to about a general increase of email spam levels around the 30 percent mark. Thirty percent more spam... as if we didn't already have to deal with enough of it!
There are solutions to deal with your company's email spam but what do you do about your own personal email? I am going to give you some simple advice. Be paranoid about every clickable 'link' in any email you receive. You are going to receive spam no matter what, therefore, education and awareness is your best defense against all those 'phishers' out there.
- Phishers want to try to look like legit emails. Don't be surprised if they refer to you by name, email address, or other personal identifiers. The content they put in the email is meant to try to get you to click on the link in the email.
- Legit companies will never ask for any type of password in an email.
- A link in an email can say one thing but send you to a different place. If you hover your mouse icon over a link in an email it usually will give you a preview of the "real" link. This only works for certain email programs.
- Phishing websites are usually recreations of the legit website. I remember coming across a "Bank of America password reset" site that was an exact replica of the real thing.
- If you aren't sure the link is OK then don't click on it!
Awareness is the best defense especially around this time of year. Phishing is still one of the most common methods of computers being exploited and identity theft. Simply being more careful and aware of what you click on will greatly reduce your IT costs and aggravation.
I may not be prolific piscator but I can help prevent you from getting caught in the web.