I recently received an email from what I thought was Apple, telling me about an item I had paid for (see image above). The problem here is that I don’t use any Apple products at all, so such fake or phishing email scams should always raise a flag.
This means everyone is susceptible to a phishing attack. Fake emails are often well crafted, and it takes a trained eye to tell the genuine from the fake.
There are, however, ways to make yourself less of a target. Keep in mind our ten top tips to stay safe online.
1. Name of sender can trick you.
Email addresses and domain names can be easily spoofed. It is, therefore, crucial that you check the domain name for spelling alterations on suspicious emails. Even if they appear to have come from a trusted sender, always double check.
2. Check for typos.
Attackers are often less concerned about being grammatically correct. This means that typos and spelling errors are often evident in messages. Such errors in an email could be a good indication that the message is not genuine.
3. Do not share sensitive information hastily.
Any email that asks for sensitive information about you or your company is suspicious. For instance, no bank will ever ask for personal information over email. Call your bank directly to ascertain whether an email is genuine.
4. Don’t fall for URGENCY!
Phishing attacks use scare tactics such as urgency and authority to trick victims into taking immediate action. Emails that ask to share personal information or to make cash transactions are… ‘phishy’.
5. Hover but don’t click.
Hover over URLs. If the address that appears when you hover does not match the display text, or if it seems strange, DO NOT click on it.
6. Attachments can be dangerous.
Hover over attachments to check for an actual link before you click on it or download it. But, if you are still unsure of the sender, do not click on the link.
7. Is it too good to be true?
If it sounds too good to be true, chances are it is! Phishing attacks use fake rewards to tempt victims to take action. You wouldn’t win a lottery if you never participated.
8. Keep your devices up to date.
Devices, and the applications on them, are more susceptible to attacks when systems are not updated. Maintain your antivirus and regularly check for updates.
9. Regularly check your accounts.
Check your accounts regularly to ensure that no changes have been made without your knowledge. Staying on top of your accounts, and knowing what data is held in each, will make spotting a phishing attack easier.
10. When in doubt, call out.
If you suspect that the security of your work device or data has been compromised, inform your cyber security team or your manager immediately.