In today’s day and age, most of us are familiar with the practice of phishing (trying to “hook” sensitive personal information by posing as a familiar and/or reputable company while communicating with unsuspecting consumers online). But are you as vigilant as you need to be in order to protect yourself from this lurking threat?
Phishing has been a constant threat to computer security since the birth of the Internet. Furthermore, according to industry experts and what I have witnessed myself firsthand, the prevalence of phishing expeditions has never been higher.
In fact, criminals are getting better and better at masquerading as banks, law enforcement organizations, and other trustworthy organizations and agencies, sending out emails that look entirely official and demand your immediate action. Typically, this action involves entering or otherwise providing access to your online…
- Usernames
- Passwords
- Banking/Credit Card Details
- Social Security Number
- Other Sensitive Private Information
As just one example of this rapidly worsening problem, I will point out an email that I myself recently received. By all appearances, this email seemed to come from the subscription services arm of Microsoft Office – Office 365. After all, the email was topped by a perfect recreation of the Office 365 logo and the message that proceeded had the professional appearance and feel that we’ve all come to expect from Microsoft.
A close look at the actual incoming email address, however, revealed something quite different. The largely random sequence of letters and numbers that comprised this address had no connection to Office 365 or Microsoft whatsoever. The same thing held true for the link that was embedded in the email. (You can clearly see this when you reveal the entire link destination by dragging the cursor over the embed tab. Just refrain from actually clicking on the link! Only click on links after you successfully determine that they are 100-percent safe!)
The proof is always in the return email address. Don’t be fooled by the big bag of lures that phishers will inevitably employ to hook you! In recent months, I have seen them use techniques such as…
- Voicemail – A link to a voicemail can be quite convincing. We may often distrust what we see written in an email, but for many of us, hearing is believing. Unless you are certain of their source, follow the no written or voicemail instructions that provide access to sensitive personal information.
- Invoices – Receiving an invoice for goods or services rendered is often no cause for alarm, particularly when sent from a company that you routinely do business with. However, these familiar names can easily be used against you in phishing expeditions. Even if you recognize the company on the invoice, be wary!
There is one cardinal rule that will protect you from phishing: Don’t open it! In other words, click on no file or link that you cannot verify as completely safe. And keep in mind that phishers have developed a whole slew of tricks to create a sense of vulnerability and urgency, often claiming that they need you to enter information ASAP in order to protect you from the exact same type of identity theft that they are perpetrating.
Don’t fall for it! If you think that there may be some truth to the claims in that urgent email, you probably need to pick off the telephone and speak directly with someone from the organization that supposedly sent it.
For more tips on how to protect yourself from identity theft and generally enhance your personal or professional computer security, call me and my K2 Technologies staff today at (307) 209-3447. As as a comprehensive managed services provider, K2 Technologies is eager to meet with you for an initial consultation.
Dan King
K² Technologies
(307) 209-3447
[email protected]