If you are like most of us, you have undoubtedly received an email that has asked you to click on a link. Did you click it? If you did, you are like 99% of internet users because clicking links in normal. But in some situations you may have found that the link took you to a new or maybe spoofed website where you might be asked to log in. If you ever did this, you may have been the victim of a likely phishing attack, and these attacks are getting fishier all of the time.
A What? Phish? Fish?
It’s called a phishing attack, and yes, it’s a play on words. When you fish, you throw a hook and worm into the water and hope you catch something. Hackers do the same when they phish. Except, their hook and worm, in this case, is an interesting looking email that they hope you are going to click on…its then, that they can reel you in. There are a few different types of phishing:
Can You Protect Yourself from Phishing?
Yes, the standard rule is “don’t click links in the body of emails”. That being said, there are emails you can click the link and others you shouldn’t. For example, if I’ve just just signed up for a new website and a confirmation email is then sent to me, I’ll click that link. Or if I’m in ongoing dialog with a trusted colleague who needs me to click a link, I will. Otherwise, I don’t click links in email promotions, ads or even e-statements. I’ll go directly to the website via my password manager or a Google search.
Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.