It is always phishing season in cyberspace. And nothing is sacred. Hackers can get into your address book and send emails to you that appear to be from a friend. Emails that look like they are from a known vendor or trusted brand name can appear in your inbox and ask you for login information to your account. And then there are IRS scams, prize scams and all those oversees emails that come from someone in dire need (of your money).
How do you really know what message to trust anymore? Here are a few things to consider before opening that next email.
Don’t click email links from “trusted” vendors.
We all sign up for emails from our bank, phone and internet company and tons of online vendors we use for personal and business transactions. These emails can be informative in that they alert us to outstanding bills, sales, and new products. It is for this reason spammers often try to replicate brand image of these trusted vendors and send out these fake email blasts and try to get customers to turn over their account information.
Best Practice: Do an independent internet search of your vendors and bookmark their website. If you are still receiving paper bills you can also find their web address there. Just type it into your browser and then bookmark it. Always go to that bookmark when logging into your account. Never click on the link in the email.
Emails with only a link in them are SPAM!
Emails coming in that have nothing more than a link in the body should be deleted immediately. Do not click the link. It will likely unleash some type of software that will run the spectrum of nuisance to destructive and possibly try to send its self out to your contacts as well. Speaking of contacts, you will likely receive this kind of email from someone you know, because they were hacked.
Be careful about updating your computer and software at a website’s suggestion.
Just as with opening emails from “trusted” vendors, be cautious about updating your system or web browser via links another website offers. If they are asking you to update your browser or other software needed to use their website than locate that third party by independent means.
Do not trust pop up screens.
Whether surfing the internet on a mobile device or full computer screen there may come a time when your screen/device is taken over by a pop up screen indicating that you “have won…” or that your device is infected and you must call tech support. They provide the phone number and everything. Do not click the link and do not call the phone number. There will not always be a button you can click to close the window. Many of these try to force the recipient into clicking the link or an “OK” button.
Best Practice: Close the app completely. Then re-open it. If the problem persists, close the app again and power off your device. This usually disables the malicious intrusion.
If all else fails, I have clicked “OK” and then been redirected to the website where I can claim my “prize”. From there I close the page and the app without clicking on anything in the website. I also do a virus scan on my device.
Keep your antivirus software up-to-date and scan regularly.
My favorite anti-virus products are Intego for Mac and PC as well as Norton products. They offer very reasonable pricing to cover a multi-computer home and many now have the capability of scanning mobile devices. The software can be set to scan automatically as well as handle manual scan requests.
Consider working some or all of this into your regular online routine to reduce the risk of being caught up in a phishing scam.