As technology continues to increase its presence in our everyday lives, our personal information becomes even more important. Phishing attempts to steal identities, money – or both, are also becoming more common. ClearanceJobs sat down with Colby Turley, Informations Security Manager at the Cybersecurity and Infrastructure Security Agency, to learn more about phishing attempts and the best ways to avoid them.
What is Phishing?
“Phishing is a form of social engineering through email or websites to solicit personal information by posing as a trustworthy organization,” explained Turley. “It’s basically a bad actor that is trying to either gain access to your personal information, trying to steal money from you, or both.”
People or companies who put out phishing attempts can get email addresses from anywhere, including other websites, databases, or even from individuals who have saved your email on their computer. “Phishing targets everyone, it’s not really a particular person,” he explained. “It’s someone that’s really just sending out thousands of phishing attempts and seeing which ones they get and who is going to click that link.”
Phishing attempts are so successful because most people are busy and under stress. When we get an email that says we need to log into our bank account because there’s a problem, our instinct is just to click it so we can deal with the problem.
How to Avoid Becoming a Victim
You may not be able to keep phishers from getting your email address, but there are still several things you can do to avoid becoming a victim of a phishing attempt.
“Allow technology to help you in those areas as well,” said Turley.
His first recommendation is to use your email provider’s spam filtering to help catch phishing attempts before they even reach your inbox. “A lot of the email providers out there have a spam service that will filter spam emails, which includes phishing attempts, so that what comes in your inbox should be all your good emails,” he said.
Another recommendation is to create rules in your email box which send certain types of emails into different folders automatically. For example, send emails from your bank and credit card company into a folder for finances, or send emails from your kids’ school into a folder for kid-related emails. Then, when an email lands in your inbox, you’ll know you need to look at it carefully before opening it since you don’t know who it came from.
Turley also tells people to use apps provided by companies like Amazon, Walmart, and other companies phishers may use to trick people into clicking on emails. “If there’s something wrong with your account and you get a phishing email from Target and they say you need to log in, don’t do that. Go straight to your app and check it out. Having that app on your phone is a good way of trying to verify.”
Finally, if you regularly read emails from companies, it will be easier to recognize when a phisher sends an email with odd wording or graphics that don’t match what you’re used to. “When the phishing email comes in, it’s always going to look a little different,” said Turley.
See Yourself in Cyber at CISA
Phishing scams are just one way bad actors try to use technology to benefit themselves while victimizing businesses and people. Cyber security impacts everyone. CISA keeps attackers at bay through its work in cybersecurity, infrastructure security, and risk management, and their website has even more tips on how to avoid scams. See yourself in cyber by connecting with CISA for these tips, job opportunities, and more.
SPONSORED CONTENT: This article is written on or behalf of our Sponsor.