Skip to main content

Protect Yourself From Cyber Attacks

WHAT IS PHISHING?

Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their financial institution or a note from someone in their company — and to click a link or download an attachment. Phishing attacks aim to dupe a victim into releasing sensitive information that can be used for identity theft. These attacks are on the rise with increased holiday shopping.

In a recent attack, a fraudster sends a text message to a cardholder, requesting they call an 800 telephone number because their “account is locked.” When the cardholder calls the number, they’re asked to enter their card number or other personal information, such as their PIN, Social Security number or mobile device codes.

What really distinguishes phishing is the form the message takes: the attackers masquerade as a trusted entity of some kind, often a real or plausibly real person, or a company the victim might do business with. It's one of the oldest types of cyberattacks, dating back to the 1990s, and it's still one of the most widespread and pernicious, with phishing messages and techniques becoming increasingly sophisticated.

 

HOW TO PREVENT PHISHING

There also are a number of steps you can take and mindsets you should get into that will keep you from becoming a phishing statistic, including:

  • Always check the spelling of the URLs in email links before you click or enter sensitive information
  • Watch out for URL redirects, where you're subtly sent to a different website with identical design
  • If you receive an email from a source you know but it seems suspicious, contact that source with a new email, rather than just hitting reply
  • Don't post personal data, like your birthday, vacation plans, or your address or phone number, publicly on social media