How to spot a phishing attack and preventing compromising your data
I’m sure we’ve all received one either by text or email. An email designed to catch your attention and make you worry that something has been compromised: Someone has added a device to your bank account; you missed a package from Royal Mail. I personally got one recently saying I had been in close contact with someone who’d tested positive for COVID-19, with a link to order a PCR test. A second glance makes you question it but often, because they’re written in a very specific way to worry you that something has gone wrong, we may click without thinking. For many hackers, this is their first way into your personal details and the start of a whole host of trouble.
An example of a phishing text message.
With so much of our lives being accessible digitally these days, hackers have more opportunity than ever to exploit and use this to their advantage. Antivirus software has simultaneously become more sophisticated too, but no system is completely watertight: hackers and antivirus software are in constant battle trying to outsmart the other, and sometimes, even the best systems can be overcome.
So how can I protect my personal data?
1. Change your passwords often
Our recommendation is to change your passwords every couple of months, and every time one is compromised. Find below some examples of how secure a password can be, courtesy of Cogbites.
2. Enabling multi-factor authentication
This is becoming a more common tactic, and a very effective one. To ensure it’s you, software and websites will send a code to an email or phone that has been set up in advance to ensure it’s you that’s trying to access your details.
3. Get a password manager
The advice is to never write your passwords down: so how the heck are you supposed to remember them all? With passwords needing to include numbers, upper and lower case letters and special characters, it’s a nightmare trying to remember them all. Luckily, companies exist that keep multiple passwords secure and safe and you’ll never need to remember one again.
4. Learn how to spot a phishing attack
Hackers exploit our tendency to worry, and will use that to get you to click as quickly as possible without thinking. Do not click links straight away. Take a second to think; banks will never send direct messages to you about account compromise, the post office won’t send you a message unless you have signed up to do so. Look at the URL and/or the number sending it to you. Often, in phishing text messages the number is just a generic mobile number and the URLs sent from phishing are not official URLs.
5. Keep yourself updated
Software is a constantly evolving and being updated, and it’s imperative to keep these apps and software updated. Most phones have settings to enable easy updating of both the software, and this can even be scheduled to be done automatically.
6. Never save card details on websites
When you save a password on a website, that website is now responsible for your card details, and if they get hacked, then your card details are now available to the ones that hacked their website.
7. Encrypt everything
This is becoming a more common tactic: end-to-end encryption has been used by WhatsApp, and it’s something you can use for your own personal files too. iPhone and iOS encrypt your hard drive by default, so just ensure you have a strong password and/or PIN. Encrypting your files on your laptop and computer requires a few more steps, which companies can help you with.
8. Wipe your digital footprint
Delete accounts you no longer use and regularly delete your Google search history, and use a VPN to boost browsing privacy.
That’s a lot to remember! Fortunately, it’s not entirely on the individual to keep you secure online. Services such as ours exist to help you and businesses keep safe with preventative measures and can provide methods to remove even the most stubborn of viruses, malware and ransomware off your systems. Take a look at our cyber security services or enquire with us today about keeping you and your devices safe from security threats.