This post during Cybersecurity Awareness Month is to help you "Think Before You Click" by helping you learn how to spot potential phishing attempts. Phishing can often lead to vulnerabilities that can result in ransomware or other types of malware. Reduce your chances of falling victim to phishing attacks.
Be on the look out for emails or text messages from unknown senders that contain strange links or attachments. Learn how to recognize these type of messages, and think before you click.
What is it?
Phishing is a kind of Social Engineering attack in which a bad actor poses as a trusted or reputable source and sends fraudulent digital messages, such as emails, with the intent of manipulating individuals into revealing personal or protected information, or with the intent of gaining unauthorized access to a system through a download or link.
Why should you care?
Phishing attacks are some of the most common—and most commonly successful—types of attacks. Learning how to recognize fraudulent messages by paying close attention to detail and never clicking on embedded hyperlinks, as well as remembering to report phishing attempts when you are targeted, are the best ways to defeat this kind of cyber attack. When clicking on links ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.
Take a look at this sample Phishing email. Would this email fool you?
The following messages from the Federal Trade Commission’s OnGuardOnline are examples of what attackers may email or text when phishing for sensitive information:
- “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below, and confirm your identity.”
- “During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
- “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
To see examples of actual phishing emails, and steps to take if you believe you received a phishing email, please visit StopRansomware.gov.
Phishing attacks use email or malicious websites to infect your machine with malware and viruses to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their computers, creating vulnerabilities for criminals to use to attack. Phishing emails may appear to come from a real financial institution, e-commerce site, government agency, or any other service, business, or individual. The email may also request personal information such as account numbers, passwords, or Social Security numbers. When users respond with the information or click on a link, attackers use it to access users’ accounts.
About Cybersecurity Awareness Month
Every October, Cybersecurity Awareness Month continues to raise awareness about the importance of cybersecurity across our Nation. Led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCSA), Cybersecurity Awareness Month shares messages and weekly themes of the importance of staying safe online. The theme - See Yourself in Cyber – encourages individuals and organizations to own their role in protecting their part of cyberspace, stressing personal accountability and the importance of taking proactive steps to enhance cybersecurity.
If you have more questions about how Members Choice Credit Union is getting involved in this year’s Cybersecurity Awareness Month Campaign, please email us at cyber@mccu.com.
