Protecting Yourself from Phishing

Protecting Yourself from Phishing

By Krista Lockhart
Cybersecurity
phishing
How to recognize Phishing emails.

Protecting Yourself from Phishing Attacks: Types, Prevention, and Recovery

In contemporary times, phishing attacks have surged in frequency, closely mimicking authentic communications. This blog delves into the world of phishing, shedding light on its nature, the diverse array of phishing tactics, imparting strategies to prevent falling into their traps, and furnishing advice on how to navigate the situation if you inadvertently become entangled in one.

 

What is Phishing?

Phishing is a deceitful tactic involving the transmission of deceptive messages that masquerade as originating from a trusted and reputable source, typically distributed via email and text messages. The primary objective of the attacker is to steal funds, obtain access to sensitive data and login credentials, or surreptitiously implant malware onto the targeted individual’s device. Phishing is a perilous, harmful, and progressively prevalent form of cyber assault.

 

Types of Phishing Attacks
  1. Spear Phishing: Spear phishing is a highly targeted attack where cybercriminals tailor their messages to specific individuals or organizations. Attackers gather information about their targets from various sources, such as social media, to make the emails or messages appear more convincing.
  2. Email Phishing: This is the most common type of phishing attack. Cybercriminals send seemingly legitimate emails that prompt recipients to click on links, download malicious attachments, or provide sensitive information.
  3. Vishing (Voice Phishing): Vishing attacks involve phone calls or voicemails from scammers posing as trusted entities. These attackers may try to extract personal information or ask for payment details.
  4. Smishing (SMS Phishing): In smishing attacks, scammers use text messages to deceive recipients into clicking on links or replying with sensitive information.
  5. Pharming: Pharming attacks redirect users to malicious websites that mimic legitimate sites. Users unknowingly enter their sensitive information, which the attacker then captures.
  6. Whaling: Whaling is a form of spear phishing that specifically targets high-profile individuals or executives within an organization. These attacks aim to steal valuable corporate data.
  7. Clone Phishing: In clone phishing, attackers take a legitimate email, make a near-identical copy, and send it to the original recipient. The goal is to trick the recipient into taking an action that reveals sensitive information.

 

How to Avoid Falling Victim
  1. Verify the Sender: Always double-check the sender’s email address or phone number. Look for slight variations that may indicate a fraudulent message.
  2. Think Before You Click: Be cautious about clicking on links or downloading attachments, especially if the message is unexpected or seems suspicious.
  3. Don’t Share Personal Information: Never provide sensitive data, such as passwords or credit card numbers, through email or over the phone without verifying the identity of the requester.
  4. Use Multi-Factor Authentication (MFA): Enable MFA wherever possible to add an extra layer of security to your online accounts.
  5. Keep Software Updated: Regularly update your operating system, browsers, and antivirus software to patch vulnerabilities that cybercriminals may exploit.
  6. Educate Yourself: Stay informed about the latest phishing techniques and scams. The more you know, the better equipped you’ll be to recognize and avoid them.

 

What to Do If You Fall Victim

Despite our best efforts, anyone can fall victim to a phishing attack. If you suspect that you’ve been phished, here’s what you should do:

  1. Change Your Passwords: Immediately change the passwords for the compromised accounts. Ensure these passwords are strong and unique.
  2. Contact the Affected Service Providers: Inform the service providers (e.g., your bank or email service) about the incident. They can help secure your account and prevent further damage.
  3. Scan for Malware: Run a complete antivirus and antimalware scan on your device to ensure that no malicious software is installed.
  4. Monitor Your Accounts: Keep a close eye on your financial accounts and credit reports to detect any unauthorized activity.
  5. Report the Phishing Incident: Report the phishing attack to the appropriate authorities. In the United States, you can file a complaint with the Federal Trade Commission (FTC).
  6. Educate Others: Share your experience with friends and family to raise awareness about the threat of phishing and help others avoid similar situations.

Phishing attacks are a persistent and evolving threat in the digital landscape. Staying vigilant, educating yourself about the different types of phishing attacks, and taking proactive steps to protect your, personal and financial information can go a long way in preventing falling victim to these scams. If you do fall prey to a phishing attack, knowing how to respond can minimize the damage and help you recover more swiftly. Remember, the best defense against phishing is a combination of awareness, caution, and ongoing cybersecurity practices.

At Smart City, safeguarding our customers’ information from phishing scams is paramount. We employ a multi-pronged approach to ensure the security of their sensitive data. Our employees undergo rigorous training and awareness programs to recognize and thwart phishing attempts effectively. We maintain robust network security measures, including advanced email filtering, intrusion detection systems, and continuous monitoring, to identify and block potential phishing threats. Most importantly we enforce multi-factor authentication (MFA) and adhere to stringent patching and updating schedules to fortify our systems. By staying vigilant and combining employee education with state-of-the-art network defenses, we aim to provide our customers with a secure and trustworthy environment, where their information remains protected against the ever-evolving landscape of phishing scams.

Protecting Yourself While Online Shopping

By Debbie Burke
Cybersecurity
Internet
Security

Shopping has never been more convenient or easier with online shopping.  The selection is endless. Shipping is fast. Returns are easy. But it’s important that you’re not giving up security for convenience. Keeping your information secure is essential when buying online to avoid a stolen identity or wiped-out bank account.

The next time you shop online, follow these tips to ensure your online information is protected, and your purchases are safe.

  1. Shop with merchants you know and trust. Know who you are shopping with and to whom giving your personal information.
  2. Look for “https” in the URL/web address when making an online purchase. This means the website is secure, allowing you to enter your personal and credit card information and complete a purchase without being hacked.
  3. Don’t fall for phishing attacks. Be very careful before clicking on a link, even if it appears to be from a legitimate site, asking you to log in, change your password, or provide any other personal information. When in doubt, manually type the site’s URL in your browser window.
  4. Create a unique username and password for each account you have. This reduces your risk should a hacker crack your login to get access to every account that you use that login for. Vary them by adding unique letters, numbers, or symbols for each account.
  5. Don’t give too much personal information. Retailers don’t need to know your social security number or your birthday. If you feel they are asking for more than you are comfortable sharing, cancel the transaction.
  6. Never use free public Wi-Fi when shopping online. Your data is usually not encrypted. Hackers can create fake Wi-Fi networks, and as soon as you connect to their password-free network, they have complete access to your device.
  7. Don’t use debit online. Use a credit card as there are more consumer protections than using debit cards. Use third-party services like Apple Pay, Google Pay, or PayPal instead of using your credit card so that you are not giving the retailer your credit card information directly.
  8. Check your statements regularly. Continuously check your credit card and banking accounts for unauthorized activity, especially during the holiday season. Set up email or text message alerts to receive transaction details every time your credit card is used.
  9. Use Multi-Factor Authentication where possible. We recommend using both multi-factor authentication and a strong password whenever possible.
  10. Protect your computer. Keep your devices and software up to date, especially your web browser. Secure your device with anti-virus/anti-malware software and a Virtual Private Network (VPN).

Protecting yourself begins with your home network.  Ensure your privacy and security settings are configured, set up a strong password, and turn off any unnecessary features. For more information on 1 Gig Fiber to the Home and data protection, contact Smart City Telecom at 407-828-6700 or visit https://fibersignup.smartcitytelecom.com/

Safer Internet Day – Protecting You and Your Family

By Debbie Burke
Cybersecurity
Internet
Person using laptop

When you want to make your home more secure, you lock your doors. When you want to prevent your bike from being stolen, you use a bike lock.  When you want to protect your family online, you ensure their Internet safety.

Increased use of web-based tools, downloads of new applications, and dependence on email can expose your family to unwanted information or risks that might harm your devices, personal information, or your family.  While it can be overwhelming, there are some key things that you can do to ensure a safer Internet for your family.

Top Internet Safety Rules

  1. Teach your kids the dangers of the Internet and ask for help if something seems unusual. Remind them not to reveal too much information like their birthday, address, or SSN.
  2. Use parental controls and content filters like the “safe search” feature that filters objectionable content or use special search engines for kids like https://www.kidzsearch.com/ and https://www.kiddle.co/. Use parental controls to limit screen time, specific app use, or block websites.
  3. Create strong passwords and use two-step authentication, at least 12 characters long, and a mix of letters, numbers, and symbols, but no personal information. Two-step authentication adds a second layer of protection.
  4. When in doubt, delete it. Scammers often get access to your personal information when you click on their emails. Turn on spam filters for your email account to help filter suspicious messages.
  5. Watch for social media scams like fake profiles, catfishing, gossip clickbait, job offer scams, and fake online scams. Never click on suspicious links or fill out online forms unless the website is legitimate and secure.
  6. Share with care. Be aware of what you are publicly sharing on social media sites. Adjust your privacy settings to limit who can see your information.
  7. Understand privacy policies and what information their policies allow them to share.
  8. Adjust your browser safety settings for optimum security, found in the upper right corner. Clear your browsing history so you don’t leave a trail of sensitive data.
  9. Use security software from a reliable source. Run anti-virus and anti-spyware software regularly. Be wary of security updates from pop-up ads or emails that could infect your computer.
  10. Shop online from secure sites. Only put your information into sites with secure, encrypted connections, those that start with https: or have a padlock icon next to the address bar.
  11. Spend time online together. Hold family members accountable for their Internet safety practices. Keep computers in a common area and discourage kids from playing with tablets in their room.

Safer Internet Day focuses on how everyone plays a vital role in making the Internet better.  Celebrate Safer Internet Day every day in your home with a reliable fiber Internet connection and Wi-Fi from the only local provider in Celebration. Contact Smart City Telecom at 407-828-6700 or visit https://smartcitytelecom.com/.

Simple Ways To Protect Your Data

By Debbie Burke
Cybersecurity
Screen with fingerprint

Since 2020, data breaches have become more rampant. Personal information from 10.6 million MGM Resorts guests and over 533 million Facebook users was found on hacking forums. Over 280 million Microsoft customer support records were left unprotected. More than 500,000 Zoom teleconferencing account credentials were found for sale on the dark web.

Using the same or weak passwords everywhere makes it easier for your accounts to be compromised. Creating secure, unique passwords is critical in reducing the risk of data breaches and password leaks. There’s no guarantee that these techniques will prevent an attacker from learning your password, but they will make it more difficult.

  1. Create longer passwords. Try a minimum of 10 characters. Longer passwords or passphrases are more difficult to crack.
  2. Create complex passwords. Consider using a mix of capital letters, lower case letters, numbers, and symbols in your password. If you must write it down, hide it where it can’t be found.
  3. Don’t use personal information. Never use your name, or that of family members or pets, or numbers like your address, phone number, or birthday in your password. These are publicly available and easily accessible by hackers.
  4. Use different passwords on different accounts. If any of your sites are hacked, criminals will try using them elsewhere. Vary them by adding unique letters, numbers, or symbols for each account.
  5. Consider using a password manager program. These allow you to create, store and reset strong passwords for each of your sites. Many browsers, including Chrome, Safari, and Edge, have free built-in password managers.
  6. Use Multi-Factor Authentication where possible. Many services offer multi-factor authentication or two-factor authentication to provide extra protection for your accounts. Typically, a code is texted to your registered mobile device to type in to verify that it’s you. We recommend using both multi-factor authentication and a strong password whenever possible.
  7. Don’t fall for phishing attacks. Be very careful before clicking on a link, even if it appears to be from a legitimate site, asking you to log in, change your password, or provide any other personal information. When in doubt, manually type the site’s URL in your browser window.

 

For more information on 1 Gig Fiber to the Home, contact Smart City Telecom at 407-824-9277 or visit https://www.smartcitytelecom.com.