In a world without trust…
Not every email is what it seems…
You may think you’ve been contacted about an emergency by Google…
Or just chatting with your closest friend…
But if you’re not careful, you might just get…
Coming soon to a theater near you.
Well not really, but phishing attacks are a real life horror movie.
Here are 5 tips to help you identify those impostors and fraudsters and avoid getting caught on their hooks.
1- Watch your clicks
If you receive an email that seems odd or suspicious, chances are it's trying to get you to click a certain link.
It may be an email telling you that you need to log into one of your accounts to resolve a problem, or even your “friend” urging you to check out a hilarious video.
Before you click any links, hover over them with your cursor. Your browser should give you a sneak peek of where they actually lead to and display the hyperlinked address.
If it doesn’t match up with what the link claims it is, don’t bother clicking.
2- Look for the lock
If the link seems legit and you do end up clicking it, take a moment to look at the address bar.
A website’s URL contains some handy clues as to whether it’s truly secure and private or not safe at all.
If a webpage’s address starts with “https”, you probably have nothing to worry about. Some browsers will display a lock beside the URL to indicate that. If it starts with “http”, you may want to be careful what data you provide.
And this might go without saying, but if you’re supposedly being prompted to log into your Google account, and you end up on “gmail-login.com”, you might want to close that tab.
3- Nothing personal
Like we said above, if a website seems insecure, be careful what you share on it.
Most of these phishing email links will inevitably lead you to some elaborately constructed (or in some cases, laughably fake-looking) fraudulent sites which usually prompt you to supply some personal information, such as your credentials or credit card details.
Never share your passwords or any other sensitive data unless you’ve verified the security of the site you’re on, because any data you submit while on one of these sites will just fall right into the lap of a waiting hacker.
4- Update that browser
All the tips we’ve given so far have to do with your browser, and that’s no coincidence.
Hackers have long relied on exploiting loopholes and privacy vulnerabilities in browsers to operate their phishing schemes.
But the makers of popular browsers are always pushing out updates that fix these issues, making it harder for users like us to be fooled and get taken advantage of.
Whenever you see an update available for your browser, don’t even hesitate to install it.
5- Use a password manager
Last but not least, use a password manager. Aside from helping you keep track of all your various passwords, and allowing you to easily create strong and secure ones, a password manager also offers one key advantage in the fight against phishing.
When you store your credentials for a certain website in a password manager, it will automatically offer to autofill your username and password for you whenever you access that website.
What this means is that, if you follow a link you’ve received in an email, and then go to type in your username and password for a site you think you’re on, but your password manager doesn’t offer to autofill it like it usually does, then you are most definitely not on that site.
Phishing attacks may be scary, but you'll never have anything to fear when you use Myki.