PART TWO
Protecting yourself from phishing
The first step to protecting yourself is to know how to recognize a phishing email. Here are a few red flags to watch out for.
Red flags of phishing
The email is unexpected and demands urgent action.
The sender's email address is from a generic or unexpected domain, like outlook.com.
Hovering over a link reveals a URL that isn't part of the company's official website, or is different from the URL that's initially displayed.
The email has spelling, grammar, and formatting errors.
The email is generic and doesn't address you by name.
The email has an unexpected attachment.
Image source: Stickers on Flaticon
Want to be a phishing expert? Click here to learn about the red flags in more detail.
Source: KnowBe4
Knowing's half the battle! However, there are some additional steps you can take to stay safe.
- Keep your software up to date
Your technology is on your side! Most email clients will automatically filter out malicious emails and attachments, and most browsers will prevent you from accessing dangerous websites. If your device prompts to update your computer or software, make sure to do so.
- Use multi-factor authentication
Multi-factor authentication requires you to verify logins on a separate device. This will make sure your accounts are protected, even if your password is stolen.
- Don't reuse passwords
Try not to use the same password on multiple sites. That way, even if one of your passwords is stolen, your other accounts are safe. It's also a good idea to occasionally change the password for really important accounts, like your bank account.
And finally...
- Don't engage with suspicious messages!
Remember, a phishing attack is powerless if you ignore it! Be cautious before replying, clicking on a link, or downloading an attachment. If you're still not sure, you can always verify if a message is legitimate through alternate means, such as calling the sender directly or contacting your IT department at work.