Don’t Get Hooked by Phishing Attempts

Phishing attacks are more common than you might think, and they can happen to anyone. According to the FBI's Internet Crime Report, phishing scams were the most common type of cybercrime reported in 2023, affecting millions of people. Phishing is when cybercriminals send fraudulent but genuine-looking emails to entice victims to provide personal information such as passwords or credit card information.  In 2023, the number of phishing attacks and scams increased, with reports of over 1.76 billion phishing emails sent and a surge in the number of phishing sites. This is a 51% increase from 2022.*

You can easily be lured into a false sense of security when receiving a phishing email. These emails often contain familiar logos and headers or come from what seems to be a familiar contact, all with the end goal of trying to trick you into clicking a bad link or convincing you to enter information that could compromise your identity.

Here are 10 tips to avoid getting hooked.  

1. Look at the actual “from” email address, not just the sender’s name. Be sure that emails supposedly from people in your contact list are from their genuine email addresses. 
2. Double-check the sender's email address. Phishers often mimic legitimate companies by altering domain names with small changes, like acuty.com instead of acuity.com.
3. Don’t click on links in emails from unknown senders. Hover over the links (hold your cursor over the link without clicking) to check the full URL and ensure it’s legitimate
4. Look for misspellings, grammatical errors, strange formatting or fonts, or unnatural phrases in emails that supposedly come from an official or corporate sender. 
5. Watch for emails that try to create a sense of urgency, request sensitive information, or pressure you to bypass policies or procedures at work.
6. Check that the reply-to address matches the address of the person sending the email. 
7. Be wary of generic salutations (“Dear Customer”) from senders who should know you and be able to use your first or full name when addressing you. 
8. Beware of attachments, especially those that have strange names. They may contain malware that could allow a cybercriminal to lock out your system in exchange for money.
9. Always have a good antivirus software and keep it updated. 
10. If it sounds too good to be true, it probably is. 

You can find more tips from the United States Federal Trade Commission at OnGuardOnline.gov. And if you receive an email that smells "phishy," you can report it to organizations such as The Anti-Phishing Working Group (reportphishing@apwg.org), which utilizes a network of security vendors, financial institutions, and law enforcement to fight phishing. 
 

By following these tips, you can reduce the risk of falling for phishing scams. Stay alert and protect your personal information today.

*https://www.securitymagazine.com/articles/100398-report-over-176-billion-phishing-emails-were-sent-in-2023#:~:text=Report:%20Over%201.76%20billion%20phishing,sent%20in%202023%20%7C%20Security%20Magazine