Phishing scams are when a hacker sends an email pretending to be a legitimate sender in an attempt to steal your personal data.
These scams work by tricking you into clicking on a link or attachment that either infects your computer with malware or takes you to a page that looks legit, but isn’t and is designed to steal your private information.
Phishme reports:
- 91% of cyberattacks and the resulting data breach begin with a phishing email
- Phishing campaigns are up 55%
- Ransomware attacks are up 400%
Ransomware-as-a-service is flat out creepy! Phishing scams and Ransomware are widespread and getting worse. Understanding the problem and learning how to recognize these scams is the first step.
Not your average phishing story
There’s a phishing scam that everyone should be aware of. An email was recently sent to my inbox from a trusted IT source asking to collaborate on a project. A PDF file was attached with the necessary information. The instructions asked me to login with my office email and password to access the file. Here are the exact words in the email:
“We would like to collaborate with you on this new project below find all the necessary information in sheet let me know if you have any other questions?
Log-in with your work/Office email and password to access file.”
“It’s Approved and safe to view, Sign-in with your company email, The document will automatically download inside your email
Thanks”
A few tips to spotting a phishing scam:
- If the message came from a trusted source remember that they could have also been hacked. Remain cautious even if the message seems harmless.
- Always check the link before clicking. Hover over it to preview the URL, and look carefully for misspellings or inconsistencies.
- Enter your username and password only over a secure connection. Look for the “https” prefix before the site URL, indicating the site is secure. If there is no “s,” look out!
- Public WiFi hot spots are not secure – either use a VPN or stay away!
- Install reputable internet security software.
- Observe HIPAA regulations and get help with compliance. A phishing scam that results in a breach of +500 patient records guarantees an OCR investigation, possible fines, and a loss of reputation.