Phishing is a serious issue today, with attackers targeting both individuals and organizations. Those who are unaware of how phishing scams work are at risk of having their accounts compromised, potentially leading to significant financial loss or data loss. But what exactly is phishing, and how can you prevent it? Tyler McCollum, Director of IT at AppTech Payments Corp., explains this common cyberattack and some effective defenses.
What is Phishing?Phishing is the term used to describe a method malicious actors use to trick people into handing over their login credentials. Think of it like “going fishing” for account details. Attackers make fake emails and login forms and send them out to many people, hoping that at least one or two of them will take the bait and try to log in with their real account details. These attacks are inexpensive to perform and are, therefore, very popular. When most people think of hacking, they think of genius programmers spending hours looking for complex ways to break into the target system. While there are cyber criminals who work in this way, social engineering attacks such as phishing are often used because they target the weakest link in any system: the users.
Five Ways to Protect Yourself from Phishing AttacksTry the following strategies to protect yourself against phishing attacks:
- Choose strong passphrases
- 12 or more characters long
- Includes upper and lower-case letters
- Has at least 1 number and unique character
- Don’t re-use your passphrases
- Use Multi-Factor Authentication (MFA)
- Never click links in unsolicited emails
- Trust your instincts