Best Practices to Protect Yourself Against Phishing Scams
Phishing scams use phony emails or websites to trick unsuspecting victims into revealing personal information including login IDs, passwords, and even account numbers. The victims often feel comfortable in sharing the information since the website used by the scam artist often resembles that of a much reputed company with a similar logo and the victim believes his information is safe.
In a quarter of a year, Kaspersky reported their anti-phishing filters were triggered at least 30.8 million times. Thus it is evident that millions of phishing emails are sent out every month to ensure that the profit cycle is continuous even if a very small fraction of the victims take the bait.
How can you avoid Phishing Scams?
It is important to prevent yourself from becoming a victim of a Phishing Scam than regret later. There are a multitude of steps possible for an individual or a company to ensure maximum protection against such phishing scams.
Ten tactics to avoid being a potential phishing scam victim are:
- The most important step to be taken by companies is to impart training to their employees to identify a Phishing scheme and respond accordingly. The staff needs to be trained in comparing authentic domain names to any URLs that might be linked in emails carefully to identify any differences. This will ensure that the company website you are visiting will be the actual website and not a duplicate created to collect sensitive personal information.
- To catch and report keywords commonly used in phishing scheme, you must activate the spam filter.
- In order to keep any phishing emails from reaching your mail inbox, an ideal way is to utilize add-ons and extension available for another level of protection.
- Password expiration and certain rules around the password strength are some cyber security policies that must be enacted by businesses and individuals alike.
- To make it easier to identify any questionable requests to reveal information or any tricky links, it is best to disable HTML on your email or to convert email to read only mode. That way, hyperlinks will not redirect you to unauthentic pages.
- Reputed companies will hardly ever request personal and sensitive information like login IDs, Passwords or account numbers through email. If at all you receive such an email, it is best to contact them directly on call and provide the required information in a safer way.
- Keep your antivirus programs, browsers and other software updated to access latest security patches and to minimize vulnerabilities.
- It best to retype the address in the browser bar rather than clicking the links in an email or copy and pasting the link in the browser bar. This way, even a subtle difference in the scammer website as opposed to the actual company website will come to your notice.
- It is best to use an SSL certificate to secure traffic to and from websites that are managed by you.
- A mistake we often commit is to opt for password-reset questions for which personal information like high school, birthday, and hometown etc. is required. This information we often reveal on our social media accounts. It is best to either keep this information private or simply provide an answer for which information is not so readily available on your social media profiles.