We conduct a lot of our lives online. Digital platforms offer us more options to connect and do business. They also open us up to cyber criminals. Email phishing schemes have been on the rise. But there are some things you can do to protect yourself. Summit DD’s Director of IT offers some helpful email safety tips to help you avoid becoming a victim.
Phishing scams
“The majority of [data breach] incidents originate from email,” explained Russ DuPlain, Director of IT for Summit DD. DuPlain said that email phishing is a main tool used by scammers to gain access to your data and personal information. These emails often contain a link or attachment meant to trick you into giving the scammer access to your information.
Once a scammer gains access into a person’s email, they then use the victim’s contact list to send out additional phishing emails, knowing that people are much more likely to click on a link or open an attachment from someone they know. This cycle eventually leads to the cyber criminals gaining access to bank accounts, personal data or even large-scale ransomware attacks that shut down businesses.
“These things happen all around us – no one is immune,” DuPlain acknowledged. However, he said that a few simple guidelines can reduce your risk of being the next phishing victim.
What you can do to protect yourself
Before clicking on a link or opening an attachment that you receive, even from someone you know, you should:
- Verify the sender’s email address: Is this email coming from your friend’s actual email address? Scammers will sometimes use a similar-looking address that may end differently or change the display name to impersonate someone you know. Be Aware.
- Check the context: Ask yourself if the message or request makes sense from this person. Were you expecting them to send you a link or attachment? Would they normally email you with this type of request?
- Double–Check: Finally, if you’re still unsure after verifying the address and checking the context, reach out to the sender using an alternate form of communication, like a text or a phone call, to confirm they sent you the attachment or link. DuPlain warns that if you click on a link in a friend’s email and it asks for your login information, be suspicious.
If an account gets breached
If an email does turn out to be a phishing scam, delete it. Also, be sure to let your friend know right away, through another method such as texting or calling them, that you received a phishing email that came from their email.
If you or someone you know has an account that has been breached, DuPlain advises that you change your password to that account immediately. “Change passwords at least annually,” DuPlain recommends. “Also be sure not to use the same password on multiple accounts,” he added.
Use of a password manager application like LastPass or 1Password can make this a lot easier. Just make sure your master password or pass phrase for the password manager is unique and very strong. DuPlain suggests they should be at least 15 characters and have the multifactor authentication enabled.
While there’s no way to be 100% safe in our digital lives, we can take steps to reduce our risk of becoming a victim to these phishing scams and protect our personal information.
Additional Resources
Find additional tips to protect yourself online.