Don’t Take the Bait: How to Protect Yourself from Phishing Attacks

Phishing attacks are running rampant and showing no sign of slowing down.

What is it?

Phishing attacks have become an effective way for cyber-criminals to gain access to personal data through infected emails. This is done by sending out persuading emails from very well known sources like Apple or Microsoft, regarding missed payments, or recent changes to an account. Depending on the type of malicious software encrypted into the email, by just opening up the email is all they need to gain access to your information/data.

How to identify a phishing email?

1. Look but don’t click
   Make sure to hover your mouse over any links that are embedded in emails. If the link leaves you unsure, do not click it and just open a new window and type in the website address there to test the link.
2. Don’t trust the display name
   Most phishing scams typically tend to use popular websites or companies as a technique to further persuade you to open the email. Facebook, Apple and Microsoft to name a few, are examples of typically used phishing scam display names.
3. Check for spelling and grammatical errors
   When reading through your emails, pay attention to any spelling mistakes and grammatical errors in the text. Cyber-criminals are not known for their spelling and grammar so this is a great indication of the email being a scam. All professional companies have a staff of editors making sure everything sent to their customers reaches their high expectations.
4. Threats
   Most of the time a phishing email will send you some sort of a threat usually along the lines of ” your account will be closed if you do not respond”. Cyber-criminals often use threats that your security has been compromised. They use this technique to scare you into clinking a link or give out personal information.
5. Don’t give up personal information
   Most of the time, infected emails will ask you to “update your personal information”. If you are unsure, the best thing to do is contact the company by phone to determine if any updates are actually needed.

How to report phishing scams

Outlook.com
If you receive a suspicious email message that asks for personal information, click the check box next to the message in your Outlook inbox. Click the arrow next to Junk and then point to Phishing scam.

Microsoft Office Outlook (2010 and 2013)
Right-click the suspicious message, point to Junk, and then click Report Junk.

If you happen to receive a phone call, make sure to take down the callers information and report it to your local authorities.
In Canada, the Canadian Anti-Fraud Centre can provide support.
In the United States, use the FTC Complaint Assistant form.