Phishing and password attacks are among the oldest scams on the internet, and they are growing day by day due to a lack of awareness and training, which is a problem for both individuals and organizations.
Phishing emails generally contain links, presented in a way that makes people likely to click on them. After the click, the link redirects to an authentic-looking but fake web page. The goal is to collect your personal information, such as a username and password, or even additional financial data.
Below, we describe best practices to avoid phishing attacks.
1. Just say no to links – Never Click on Hyperlinks in Email
Never click on a hyperlink included within the email.
2. Never Enter Sensitive Information in a Pop-Up Window
Phishers use pop-up windows for illegitimate purposes. The best practice to prevent phishing attacks is to never enter information into a pop-up window.
3. Verify HTTPS on Address Bar
Whenever you or someone else conveys confidential or personal information online, confirm that the address bar reads “HTTPS” and not the standard “HTTP.”
4. Education on Phishing Attacks
Educate yourself and your end users about the types of phishing emails, and take online training courses. Lots of free resources are available online; see, for example, KnowBe4.
5. Keep Antivirus Protection Current
Antivirus protection is an invaluable first line of defense against phishing attacks.
6. Use Anti-Spam Software
Anti-spam software filters out a good amount of the phishing emails that would otherwise end up in an inbox.
7. Use Anti-Spy Software
Using anti-spy software on a computer significantly lowers the risk of a malicious phishing attack.
8. Install and Maintain a Reliable Firewall
Use the firewall settings that help prevent phishing attacks, and update the programs regularly. Firewall protection also prevents access to malicious files by blocking the attacks.
9. Protect Against DNS Pharming Attacks
This type of phishing attack does not involve email or pop-up windows. Rather, an individual’s local DNS server is said to be poisoned. That means a person’s attempt to go to an actual website is intercepted and misrouted to a fake website, which may look like the legitimate website, in order to capture personal and financial information.
10. Utilize Backup
By making backup copies online and offline, a person can revert to an uncorrupted system if a phishing attack is suspected.
Whenever you open an email, always look closely at the sender’s display name when checking the legitimacy of the email.
Always keep in mind not to click links or download files, even if they come from seemingly “trustworthy” sources.
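The display-name check described above can be partly automated. The following is an added example, not part of the original article: it goes one step further than reading the name by comparing the display name in a From header against the address actually behind it. The brand list, domains and sample headers are constructed assumptions.

```python
import re
from email.utils import parseaddr

# Constructed allow-list (assumption): brand words mapped to the domains they really send from.
KNOWN_BRANDS = {"example bank": {"examplebank.example"}}

# An email address typed into the display name, e.g. "support@examplebank.example".
ADDRESS_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")


def domain_matches(domain, allowed):
    """True if domain equals, or is a subdomain of, any allowed domain."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def check_from_header(from_header):
    """Return the reasons a From header's display name disagrees with its address."""
    name, address = parseaddr(from_header)
    if "@" not in address:
        return ["no parsable sender address"]
    domain = address.rsplit("@", 1)[1].lower()
    findings = []
    # Check 1: the display name shows an address from a different domain.
    shown = ADDRESS_IN_NAME.search(name)
    if shown and not domain_matches(domain, {shown.group(1).lower()}):
        findings.append(f"name shows {shown.group(1).lower()}, mail is from {domain}")
    # Check 2: the display name uses a known brand, but the domain is not that brand's.
    for brand, allowed in KNOWN_BRANDS.items():
        if brand in name.lower() and not domain_matches(domain, allowed):
            findings.append(f"name claims '{brand}', mail is from {domain}")
    return findings


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    '"Example Bank" <alerts@examplebank.example>',
    '"Example Bank Security" <notice@mailer-7.example>',
    '"support@examplebank.example" <x91@mailer-7.example>',
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_from_header(header) or "no mismatch found")
```

An empty result only means the name and address agree with each other; it does not show that the message is legitimate.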