Everyone Knows About Phishing, So Why Are We Still Clicking?

Keeping up with the latest phishing scams and how to avoid them is apparently not fool proof enough. Cyber scammers know how we try to avoid them and they are continually using that knowledge to make phishing more sophisticated and effective.

A Google and University of California study finds a startling 25% to 45% of all phishing emails and bogus phish landing sites are successful. And just how does that happen with so many users aware of the latest and greatest phishing scams? Security experts agree that scammers are getting better and better at making their links appear to be legitimate. These cyber creeps pounce on the slightest weakness on the user’s part. Duplicating and fabricating landing pages or “linking” emails from trusted senders and businesses are only the beginning.

So how can a user not open a very tempting email link from the IRS, for example? Simply by knowing the IRS never uses email to contact Americans about their taxes. Better informed than not, security experts agree that knowledge is your best defense but admit security software is key. Being forewarned isn’t just for phishing anymore. Beware of spyware called a “keylogger” that records keyboard strokes as the user types, easily gaining sensitive financial account and other passwords. Take heart as experts share some very important phishing tips…

- An email link from an unknown sender absolutely needs a closer look. Hover your mouse pointer over the link and check its origination. There’s a huge red flag if the sender address doesn’t match the link address.

- Just because the email looks legitimate from a sender you know, check out the sender first. Faking email addresses is very easy to do.

- No legitimate business or sender will ever ask for sensitive or personal information using email. Also, beware shoddy graphics, misspellings, and poor grammar. Scammers may be crafty, but they’re not all geniuses.

- Always keep programs and security products updated. If scammers are looking for weakness, they can easily spot holes in your security.

- A company or service needs to know if they’re being used by phishing scams. Tell them immediately that something’s not right. Let your email security provider know as well. You can also contact the Federal Trade Commission (FTC) or use the Online Complaint Assistant to report most types of fraud.

- It can’t be stressed enough, create and use passwords wisely. Always use a combination of upper and lower case letters, a few numbers, and special characters. Every password should be a minimum of eight characters.

© Copyright 2017 Stickley on Security