Phishing is a cyber attack in which an attacker tries to trick you into giving away sensitive information such as login credentials, personal information, or financial information. Phishing is usually through an email, a text message, or a phone call. The attacker aims to access your accounts and steal your identity or money.
In a phishing attack, the attacker usually creates a sense of urgency or fear in the victim, making them more likely to act quickly without thinking. In addition, the attacker may use social engineering techniques such as creating a sense of trust or urgency, using a fake sender name, or using a convincing email or website.
Phishing attacks can be hazardous and costly, but by following these tips, you can protect yourself by guarding your personal information and assets against theft.
Here are six things to help protect you against phishing attacks:
Be skeptical of emails or messages that ask you to click on a link or provide sensitive information. This can be tricky to do because it’s easier to react. Don’t! Before you click on a “support” link, search your email inbox for the original support ticket, noting the date, email address domain, tone, structure, and everything. Then compare that to the email you just received asking you to click a link. If you have a funny feeling, report and delete the new email. If you’re unsure, send a new ticket, call the company, or hop into their social communities (i.e., Discord or Facebook) to inquire about receiving an email.
Use two-factor authentication to add an extra layer of security to your accounts. However, I recommend using an authentication application like Google Authenticator instead of listing your phone number to call or text you with authentication details. Why? Because your phone number can get compromised in breaches. For me, using a 2FA app is more secure.
Install anti-phishing software on your computer or phone, especially if you use Android and Windows systems.
Keep your software and operating systems updated with the latest security patches, including anti-phishing software.
Use strong and unique passwords for each of your accounts. FOR THE LOVE OF GOD, PLEASE DO THIS! Don’t use the same password on multiple websites. I would say use something like Last Pass (and I do), but I’m aware of their recent security breach. At this point, I’d say write down your passwords in a notebook.
Educate yourself and your networks about phishing attacks and how to recognize them. Subscribing to cybersecurity newsletters, internet searches, and even sharing this information with people - all count! #KnowledgeIsPower #TheMoreYouKnow🌈
ICYMI, my inspiration for this post is the recent MetaMask breach. I learned about it from @TimHaldorsson https://twitter.com/timhaldorsson/status/1647601458114621440?s=46&t=n-3fJl3NWPP-Gsp7EyXCHA
