- The Lure: An enticing, yet flawed, email featuring any of these traits:
  - Sender notes seeing suspicious activity on an account of yours and asks if you need assistance
  - There's a request for payment to restore account settings or update your credentials
  - A request to confirm personal information or provide personal/company financial account details
  - Provides a link or attachment with a fake purchase order or invoice
  - Offers a link to pay a bill (when you hover over the link, the destination is fraudulent and doesn't match the company's secure portal)
  - Notifies you of a refund or rebate you can claim
  - Includes a “coupon” link or attachment
- The Hook: Malware or ransomware lying in wait to snag you. If it's phishy, steer clear and don't bite! Even when scammers use “live bait” and it looks legitimate, scan to check for the hook first. Here are a few things to look for:
  - Egregious spelling and/or grammatical errors
  - Links specifically stating to update credentials or payment information
  - Urgency to act fast... or else
- The Defense: There are several proactive steps you can take to mitigate your desire to bite and help protect your credentials even in the event you do release them.
  - Install security software and set your systems to automatically update, so you'll have the latest patches and capabilities to deal with the latest threats before they even reach your inbox
  - Enable multifactor authentication, which requires an additional security barrier to hurdle beyond your username and password by providing:
    - a passcode sent to a secondary device or account
    - an additional question to answer
    - a biometric identifier like a fingerprint, eye scan, or facial recognition
  - Back up your data to external hard drives and store information on secondary servers or cloud providers in case you need to recover from a ransomware attack
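
As an added example (not part of the original page), the Python below checks an HTML email body for three of the signs listed above: a link whose destination is off the company's portal domain or differs from the address shown in the link text, link text asking to update credentials or payment information, and urgency wording. The word lists, the sample message, and names such as `check_email` and `portal_domain` are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed word lists (assumptions); tune them for your own mail flow.
CRED = re.compile(r"\b(update|verify|confirm|restore)\b.*\b(credentials?|password|payment|account)\b", re.I)
URGENT = re.compile(r"\b(immediately|urgent|within \d+ hours?|act now|suspended)\b", re.I)
# Constructed sample message using reserved example/test domains.
SAMPLE = """<p>Your account will be suspended. Act now!</p>
<a href="http://portal.example.com.billing-update.test/login">https://portal.example.com/pay</a>
<a href="http://billing-update.test/u">Update your payment information</a>"""

class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs plus all body text."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._buf = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._buf = dict(attrs).get("href"), []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._buf).strip()))
            self._href = None

def host_of(url):
    return (urlsplit(url if "//" in url else "//" + url).hostname or "").lower()

def check_email(html, portal_domain):
    """Return (indicator, detail) findings for one HTML email body."""
    p, findings = LinkCollector(), []
    p.feed(html)
    for href, text in p.links:
        host = host_of(href)
        # The real destination must be the portal domain or a subdomain of it.
        if host != portal_domain and not host.endswith("." + portal_domain):
            findings.append(("link-off-portal", host))
        # A hostname displayed as link text should be the host actually linked.
        shown = re.search(r"\b(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text, re.I)
        if shown and host_of(shown.group(0)) != host:
            findings.append(("text-href-mismatch", f"{shown.group(1).lower()} -> {host}"))
        if CRED.search(text):
            findings.append(("credential-link", text))
    m = URGENT.search(" ".join(p.text))
    if m:
        findings.append(("urgency", m.group(0).lower()))
    return findings
```

Calling `check_email(SAMPLE, "example.com")` returns one finding per sign that fired; a message whose only link points at the portal itself returns an empty list.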