It’s Cyber Security Awareness Month. Better Business Bureau understands how pervasive identity theft is. It’s an important issue every consumer needs to understand and why BBB holds “SecureYour ID Day” annually. BBBs upcoming events in Buffalo, Canandaigua and Syracuse will help consumers with destruction of personal documents, one critical way toward identity theft prevention. Another important way to avoid identity theft involves knowing and avoiding “phishing.” Do you know how to avoid identity theft online?
“Phishing” – the act of targeting victims via email in the hopes of spreading viruses and gathering personal information – can happen to anyone. Cyber criminals have become quite savvy in their attempts to lure people into clicking on links or opening phony email attachments. Online phishing attacks can not only spread computer viruses, but they can pose a significant risk for identity theft.
BBB has joined with the National Cyber Security Alliance’s STOP. THINK. CONNECT.campaign to recommend the following tips to avoid falling for an email phishing scam:
Be on your toes. Only open emails, attachments, and links from people you know. Use anti-virus software regularly and enhance email filters to block threats. Watch out for unsolicited emails that contain misspellings or grammatical errors.
Don’t believe what you see. It’s easy to steal the colors, logos and header of an established organization. Scammers can also make links look like they lead to legitimate websites, and make emails appear to come from a different sender.
Avoid sharing. Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email. Be wary of any urgent instructions to take specified action such as "Click on the link or your account will be closed."
Pay attention to a website's URL. Hover over any links to see where they lead. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different – but similar – domain.
If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Information about known phishing attacks is available online from groups such as the Anti-Phishing Working Group. Report phishing to APWG.
Keep a clean machine. Having the latest operating system, software, web browsers, anti-virus protection and apps are the best defenses against viruses, malware, and other online threats.This material was developed in coordination with the STOP. THINK. CONNECT. campaign of the National Cyber Security Alliance. STOP. THINK. CONNECT. is a trademark of the STOP. THINK. CONNECT. Messaging Convention, Inc. 2010