How to Protect Yourself from Phishing

How to Identify Phishy Emails

1

Legitimate companies never ask you to provide your passwords, usernames or any other personal information through email or instant messenger.

2

Double-check the “From” address. Phishing emails often come from addresses that are similar, but not identical, to those of the legitimate company they are impersonating, for example mangement@mazoncanada.ca.

3

Spelling or grammar mistakes and bizarre formatting: bold letters, crazy colours, strange alignment. Your bank is probably not going to highlight text or tell you to do something right now in giant red bolded font.

4

The language will often be generic, like “Dear Customer” or “Dear Member”. The subject line will not be very descriptive, something like “Account locked” or “Update now”.

5

Lots of threatening language and exclamation marks!!!!!!

6

Or none of the above. Phishing is getting very sophisticated. Spear phishing, for instance, is a much more focused approach where an attacker studies their target and creates a personalized attack. If anything at all jumps out at you as being suspicious, don’t be afraid to ask someone else’s opinion or contact the company directly.

How to Prevent Phishing Scams

1

Think before you click.

2

Check all the above criteria before following a link or opening an attachment. If you’re still not sure, ask someone.

3

Keep your browsers up-to-date.

4

Verify a site’s security by making sure its URL begins with ‘https’ and a closed lock icon appears beside it.

5

Never download files from suspicious emails or websites.

6

Check your online accounts regularly for suspicious activity.

7

Get into the habit of changing your passwords regularly.

8

Use firewalls (provided by JIG). These will act as a buffer between you, your computer and outside intruders. Use a desktop firewall and a network firewall. When used together, they drastically reduce the odds of hackers and phishers infiltrating your computer or network.

9

Pop-up windows on websites are now very common, and malicious ones often appear to be a legitimate component of a website. Most browsers allow you to block pop-ups, but some might sneak through. Make sure to click the ‘x’ at the top of the box and not the ‘cancel’ button, which will likely lead to a phishing website.

10

Never share personal information over the internet. Never send an email with sensitive information to anyone. Never make confidential entries through the links provided in emails.