To this day, entering personal information
online makes many of us feel uneasy. In fact, I sometimes find
myself paying certain bills by submitting a hand-written check through the
mail. In a personal attempt to prevent phishing attacks, it makes sense. Now, some may call this old-fashioned method a waste of time. Maybe it's even being too paranoid
or merely an under-utilization of technology’s modern-day user experience. What can I say, old-fashioned ways tend to have a better ability to prevent phishing attacks!
What I find interesting about this particular perception of the old school ways is that it overlooks the motivation behind the action. Individuals who continue to pay their bills this way do it out of habit, family influence, or because they find it easier to organize and keep track of their finances. It becomes a practice thoroughly ingrained into their payment behavior. Because of this, these are the consumers that rarely have to worry about how to prevent phishing attacks and maintaining a secure online consumer presence.
Then comes the day when you get back from vacation and realize that your American Express credit card is past due, in the midst of a soon-to-end grace period. Technology for the win! After receiving that instant finance relief, you start to realize that online is the way to go.
Those with the Greatest Risk
Taking into consideration the millions of people who actively handle all daily finances, shopping and collaboration online, it is easy to associate technology-reliance with personal fraud. Referring back to the acceptance of technology and its inevitable ability to streamline the user experience, it becomes easier to see the core problem. Those who migrate from traditional payment methods to modern-day, auto-pay consumers are most likely not as aware of just how easy it is to have their financial data compromised. They lack the typical know-how to prevent phishing attacks. Thus, they are prime candidates.
As defined by SecurityWeek, phishing is a form of social engineering that attempts to steal sensitive information. Ok, so that definition works if you’re a social-savvy networking guru. Then again, think about everything engineering is associated with. There is always some form of structure to build upon with science and technology. The end result is something that is brought about through a detailed design using engines and machines. Take away the need for a “great technical mind” and you’ve got social engineering. It really is the “art of creative deception”.
It’s Easy to Get Lured In
Take a minute to ponder all of this. Phishing attacks don’t typically happen to those of us who utilize online banking systems on a regular basis. That being said: that doesn’t mean it can’t happen to you. It’s not always about the unconsciously incompetent. Whether you are an internet security rookie who is highly vulnerable to phishing scams or a consumer who has never experienced any identity issues after years of entering in personal information online, you will find that some phishing scams tend to appear more legitimate than others. If you don't know how to properly prevent phishing attacks from being successful, you could easily fall victim to a scam that ruins your financial history.
Prevent Phishing Attacks – The Bait to Look Out For
- Pop-Ups:
You know what a pop-up is. It's that annoying box that shows up 10 seconds after you are about to purchase, or when you're surfing online. This is no place to enter personal information. Better yet: avoid clicking on any links or copying any web addresses from pop-ups all together. This is probably one of the least credible ways to obtain your information, a real red flag that has scam written all over it. Even if you have a pop-up blocker installed on your browser, some phishers are able to chip right through. Pop-ups are an easy way to tell if the “enterprise” you are giving your information to is really legit; thus preventing you from being attacked.
- Malicious email:
Contrary to Pop-Ups, attackers also send phishing emails that avoid your spam folder, swimming right into your primary inbox. These emails are designed and filled with contents that seem both sophisticated and legitimate. One of the ways they really get you is by telling you that there have been some “changes to your bank account”and request that you click on a link to “update your personal information”. Relevant examples include the 2004 eBay fake email that tricked account holders into verifying their identity by tricking them into thinking other parties had recently accessed the account. No matter how authentic it seems, businesses will never request personal information to be sent via email. Keep this in mind to prevent phishing attacks from gaining hold of your bank account!
- Social Media:
Becoming a part of daily collaboration, social networks are playgrounds for social engineers. Let’s face it: Most of us have been on a website or a friend’s blog and liked or shared either a funny picture, news event or YouTube clip. No one really stops to consider what type of code is written behind that “like” or “share” button. Thanks to the evolution of spam emails, social networkers are starting to recognize fake offers that require users to share credentials. Some users even become annoyed with how easy it is to recognize fake apps that tend to steal access credentials. Businesses and organizations have been especially impacted by this particular attack pattern. Most businesses have a strict social media policy in place specifically to prevent phishing attacks. Much of these vulnerabilities have to do with the ignorance of employees when interacting on social media at work. This leads to the acceptance of fake offer attacks, which is how we were introduced to the largest number of social media based attacks in 2013. The implementation of a social media policy in the workplace has never been more crucial.
Don’t Let Your Guard Down!
No matter how relevant or enticing the message appears, if it is asking you to provide personal information though an email link or pop-up, it is best to avoid the website all together. That goes for social networking sites as well.
Anyone is vulnerable to a phishing attack.
However, among those who need the education and guidance to prevent phishing attacks the most are the ones migrating from the old-school finance management tools to take advantage of the modern-day technology user experience. If you’re a business owner, stand your ground. Stay up-to-date with your employee social media interactions and put a policy in place. Technology is a beautiful thing. By learning from the mistakes of others who’ve had their identity compromised and by following these simple guidelines, you can prevent phishing attacks and still take advantage of modern-day technology.
No comments:
Post a Comment