Keeping your personal information secure is becoming more important every day. Use the tips below to help protect your computer and financial accounts from prying eyes.
From the Desk of Joel Mannion, Electronic Banking Manager
Be Aware of Phishing Scams
First and foremost you should utilize a spam filter (this service should be provided by your email provider) and keep all of your systems patched and your anti-virus software up to date. The second line of defense against phishing is you. If you are vigilant, and watch for telltale signs of a phishing email, you can minimize your risk of falling for one. Telltale signs of a potential phishing email or message include messages from companies you don’t have accounts with, spelling mistakes, messages from the wrong email address (e.g. firstname.lastname@example.org instead of email@example.com), generic greetings (e.g. “Dear user” instead of your name), and unexpected messages with a sense of urgency designed to prompt you into responding quickly without checking the facts. “Resume” and “Unpaid Invoice” are popular attachments used in phishing campaigns. Here are some scenarios you may encounter:
- An email appearing to be from the “fraud department” of a well-known company that asks you to verify your information because they suspect you may be a victim of identity theft.
- An email that references a current event, such as a major data breach, with a malicious link to setup your “free credit reporting.”
- An email claiming to be from a state lottery commission that requests your banking information to deposit the “winnings” into your account.
- An email with a link asking you to provide your login credentials to a website from which you receive legitimate services, such as a bank, credit card company, or even your employer.
- A text message that asks you to call a number to confirm a “suspicious purchase” on your credit card. When you call, the operator will know your name and account information and ask you to confirm your ATM PIN. (This is a form of SMSishing.) What should you do?
For More Information
Anti-Phishing Working Group: www.antiphishing.org
Internet Crime Complaint Center (IC3): www.ic3.gov/default.aspx
Federal Trade Commission: https://www.consumer.ftc.gov/articles/0003-phishing
More information on the CIS Critical Security Control 7: Email and Web Browser Protections: https://www.cisecurity.org/critical-controls.cfm