Protect Yourself from Phishing Scams
Phishing scams are a persistent threat. Cybercriminals rely on unsuspecting individuals to steal personal and company information. By understanding the tactics employed by cybercriminals and implementing a few simple precautions, you can significantly reduce your risk of falling victim to these attacks.
5 Essential Tips to Avoid Phishing Scams
1. Be Vigilant with Email:
-
Scrutinize Sender Addresses: Carefully examine the sender's email address for any discrepancies or unusual patterns. Phishers often spoof legitimate addresses to trick recipients.
-
Hover Over Links: Before clicking on any link within an email, hover your mouse cursor over it to reveal the actual destination URL. If it doesn't match the expected link, avoid clicking.
-
Verify Unexpected Requests: Be cautious of unsolicited emails asking for personal information, such as passwords, bank account details, or social security numbers. Legitimate organizations will never request such sensitive information via email.
2. Exercise Caution on Social Media:
-
Limit Personal Information Sharing: Avoid sharing excessive personal details on social media platforms. This includes your full name, home address, phone number, and date of birth.
-
Be Wary of Friend Requests: Scrutinize friend requests, especially from unknown individuals. Phishers may create fake accounts to gain access to your personal information.
-
Think Before Clicking: Be mindful of links and advertisements on social media. Verify the source before clicking to avoid malicious websites.
​
3. Use Strong, Unique Passwords / Passphrases / Passkeys:
-
Create Complex Passwords: Employ a combination of uppercase and lowercase letters, numbers, and symbols to make your passwords difficult to crack.
-
Avoid Reusing Passwords: Use different passwords for each online account to minimize the impact of a potential data breach.
-
Consider a Password Manager: Utilize a reliable password manager to securely store and manage your passwords.
-
Switch to Passkeys: For a more secure password solution, switch to passkeys and remove the hassle of remembering passwords or passphrases.
4. Report any suspicious activity to your IT department:
-
Report Immediately: Phishing scams are often one of the first phases of a cyber-attack. Help stop the attack before it starts.
-
Report Everything: Any suspicious email is worth reporting. It’s much easier to investigate an email than react to a cyber-attack
-
Don’t Be Embarrassed: If you clicked on a link and it doesn’t “feel” right or it’s obviously not correct, don’t cover it up. Report it to your IT department.
5. Educate Yourself and Others:
-
Stay Informed: Stay up-to-date on the latest phishing tactics and scams by reading security news and following cybersecurity experts on social media.
-
Share Knowledge: Educate your friends and family about phishing risks and best practices to protect themselves.
-
Report Phishing Attempts: If you encounter a suspicious email or website, report it to the appropriate authorities or the website's administrator.
By following these essential tips, you can significantly reduce your risk of falling victim to phishing scams. Vigilance and awareness are key to safeguarding your personal information and financial security in the digital age.
​
---
​
This training series is based on the CAN/DGSI 104 NATIONAL STANDARD OF CANADA Baseline cyber security controls for small and medium sized organizations (typically less than 500 employees), the Canadian Centre for Cyber Security controls and the National Institute of Standards and Technology (NIST).
​
This tutorial is a guideline for best practices, but you are encouraged to review your company's password policy to ensure you are following your organization's procedures.
​
---
​