October is Cyber Security Awareness Month!
Cyber criminals are unlike regular criminals. They usually impersonate and trick us into giving up our personal information. Sometimes they even steal our identities. The goal of Cyber Security Awareness Month is to help you understand cybercrime and to increase your own cybersecurity.
Phishing: What is It?
Phishing is a common cyber attack. Have you ever encountered a suspicious phone call, text, email or social media post? A scammer usually tries to trick you into clicking a malicious link, downloading malware or sharing sensitive information.
A phishing attack has three parts. They are the bait, the hook and the attack.
- In the first part, the scammer impersonates a representative from a major bank or service. They deliver a message to numerous recipients hoping that some will take the bait.
- In the second part, the victim believes the message. They take urgent action. e.g. send e-transfer to pay for the import fee for a package. The victim clinks the link in the message because they think it is from a trusted source. The victim provides sensitive information such as login credentials which are sent to the scammer.
- In step three, the cybercriminal attacks. The credentials are stolen. The scammer can now access the victim’s account. For example, they may send more phishing emails or messages to the victim’s contacts.
What steps can you take to protect against cyber attacks?
- Don’t take the bait. Be cautious with fake links or attachments. If you suspect an email to be a phishing attempt, do not open any attachments or click any links.
- Check the greeting. The scammer usually writes the message to a generic recipient. They never use your first and last name.
- Watch out for emails that ask you to act urgently. Do not trust promotional offers which look “too good to be true”