Phishing

What is phishing?

Phishing is the attempt to get sensitive information such as bank details or passwords from someone by masquerading as a legitimate person or company. The word Phishing is a homophone of fishing due to the similarity of using bait to catch a victim.

How do you know it’s a scam?

There are different forms of phishing tactics. Most phishing occurs by using a disguised link in an email pretending to be from well-known companies asking to confirm details. Criminals may also try to trick you into giving away your personal information via Social Media messages or text messages. Criminals may try to fool you into installing a malicious software (malware) which can track and record the information you enter into your computer. Below are some of the commonly used tactics and warning signs you should be on the lookout for:

  • Phishers, pretending to be legitimate companies, may use email to request personal information and direct recipients to respond through malicious websites. Phishers have been known to use real company logos, and will also use a spoofed email address, which is an email address that is similar to the actual company’s address. However, the address may be misspelled slightly or come from a spoofed domain. Always look for this tell-tale sign.
  • Emails may come in the form of a help desk support ticket, a message from your bank, or from someone soliciting money via an advanced fee (419) scam. I’m sure many of you have received an email from a Nigerian Prince offering a share of $50m?!
  • Phishers tend to use a call to action. You may get a notice that an account is being shut down and you need to log into it to avoid that from happening. They may also request personal information in order to verify your identity.
  • Phishing websites can look much like legitimate sites because they tend to use the same images and layouts as the original sites.
  • Fraudulent messages are often not personalized and will often have misspellings of words and company names.

How do you know if you have malware?

Malware can be downloaded from web sites, email messages, instant messages, and from direct file-sharing connections. Additionally, a user may unknowingly receive malware by installing a software program, and the malware piggybacks onto that installation as additional suggested software (usually a small tick box is hidden in the corner). Users may also be unaware that some browser add-ons contain malware.

Malware frequently attempts to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user. However, sometimes there can be signs that you may be infected:

  • Your computer starts to run slower than usual.
  • You start to receive an unusual amount of pop up ads.
  • There are new toolbars on your browser that you did not install.
  • Your browser’s home page has changed to a page that you are unfamiliar with.
  • Your web searches become redirected to other spam sites.

Virus

How do I avoid malware?

  • Be selective about what you download to your computer.
  • Watch out for anti-malware scams.
  • Beware of clickable ads.
  • Use an active internet security suite such as Kaspersky to protect and inform against malicious websites and software.
  • Do not accept or open suspicious error dialogs from within the browser.
  • Malware may come as part of a “free deal” offer – do not accept free deals.
  • Keep software and security patches up to date.

How do I protect my privacy?

If you happen to run across any of these red flags, here are some tips to keep yourself safe and protect your privacy:

  • Never give out any personal information.
  • If the call to action is to click on a link and sign into the site with your username and password, never click on the link. Instead, go to your web browser and type in the website’s URL. Be sure to look for the verified https:// at the beginning of the URL in the task bar if any card/bank details or personal details need to be entered.
  • Never download a program or file from a suspicious email. These may contain malware.