Taking too long? Close loading screen.
Connect with us

Tech

How to avoid a spear-phishing attack. 4 tips to keep you safe from timeless scams – CNET

Published

on

cybersecurity-laptop-0737
Don’t give cybercriminals access to your accounts by accident.
Angela Lang/CNET

Everyone has access to something a hacker wants. To get it, hackers might aim a targeted attack right at you. The goal might be stealing customer data that’s useful for identity theft, your company’s intellectual property or even your personal income data. The latter could help hackers steal your tax refund or file for unemployment benefits in your name.

Targeted attacks, also called spear-phishing, aim to trick you into handing over login credentials or downloading malicious software. That’s what happened at Twitter in July, where the company says hackers targeted employees on their phones. Spear-phishing attacks also often take place over email. Hackers usually send targets an “urgent” message and include credible-sounding information specific to you, like something that could have come from your own tax return, social media account or credit card bill. These scams aim to override any red flags you might notice about the email with details that make the sender sound legitimate.

Bitcoin scam tweet on Joe Biden's hacked Twitter account
When Twitter employees fell for a spear-phishing trick, Democratic presidential candidate Joe Biden’s Twitter account was compromised and pushed a cryptocurrency scam. CNET has blocked out the address that hackers included in the tweet.
Screenshot by Queenie Wong/CNET

Despite corporate training and stern warnings to be careful who you give your password to, people do fall for these tricks. In addition to the Twitter fiasco, there was the release of Hillary Clinton campaign chair John Podesta’s emails, including his technique for making risotto (hint: keep stirring!). Podesta reportedly entered his personal username and password into a fake form designed by hackers specifically to capture his credentials.

Another consequence of falling for a spear-phishing scam could be downloading malicious software, like ransomware. You could also be convinced to wire money to a cybercriminal’s account. So how do you avoid falling for a spear-phishing scam? By taking these security habits to heart.

Know the basic signs of phishing scams

Phishing emails, texts and phone calls try to trick you into visiting a malicious website, handing over a password or downloading a file. This works in email attacks because people often spend the whole day at work clicking on links and downloading files as part of their jobs. Hackers know this and try to take advantage of your propensity to click without thinking.

So the No. 1 defense against phishing emails is to pause before clicking. First, check for signs the sender is who they claim to be:

  • Look at the “from” field. Is the person or business’s name spelled correctly, and does the email address actually match the name of the sender? Or are there a bunch of random characters in the email address instead?
  • While we’re at it, does the email address seem close, but a little off? E.g. Microsft.net, or Microsoft.co.
  • Hover your mouse over any links in the email to see the true URLs they will send you to. Do they look legitimate? Remember not to click!
  • Check the greeting. Does the sender address you by name? “Customer” or “Sir” would be red flags.
  • Read the email closely. Is it generally free from spelling errors or odd grammar?
  • Think about the tone of the message. Is it overly urgent or trying to get you to do something you normally wouldn’t?

Don’t fall for more advanced phishing emails that use these techniques

Even if an email passes the initial smell test outlined above, it could still be a trap. A spear-phishing email might include your name, use more polished language and seem specific to you. It’s just plain harder to notice. Then there are targeted phone calls, in which someone calls you and tries to manipulate you into handing over information or visiting a malicious website.

Because spear-phishing scams can be so tricky, there’s an extra layer of caution you should apply before acting on a request that comes over email or the phone. The most important of these extra steps: guard your password. Never follow a link from your email to a website and then enter your account password. Never give your password to anyone over the phone.

Banks, email providers and social media platforms often make it policy to never ask for your password in an email or phone call. Instead, you can go to the company’s website in your browser and log in there. You can also dial back to the company’s call customer service department to see if the request is legit. Most financial institutions, like your bank, will send secure messages through a separate inbox you can access only after you’ve logged onto the website.

Beat phishing by calling the sender

If someone sends you something “important” to download, asks you to reset your account passwords or requests that you send a money order from company accounts, call the sender of the message — like your boss, your bank or other financial institution, or the IRS — and make sure they really sent it to you.

If the request came by phone call, you can still pause and double check. For example, if someone says they’re calling from your bank, you can tell the caller you’re going to hang up and call back on the company’s main customer service line.

A phishing message will often try to make the request seem incredibly urgent, so you might not feel inclined to add an extra step by calling the sender to double-check. For example, an email might say that your account has been compromised and you need to reset your password ASAP, or that your account will expire unless you act by the end of the day.

Don’t panic. You’re always in the right if you take a few extra minutes to verify a request that could cost you or your company financially, or damage your reputation.

Lock down your personal information

Someone who wants to spear-phish you has to get personal details about you to get started. Sometimes your profile and job title on a company website will be enough to tip off hackers that you’re a valuable target for one reason or another.

Other times, hackers can use information they find about you in data breaches. There’s not much you can do about either of those things.

But sometimes you’re spilling information about yourself that can arm hackers. This is a good reason to set your social media accounts to private and not post every detail of your life on Twitter.

Finally, enable two-factor authentication on your work and personal accounts. It’s a service that adds an extra step to the login process, and that means hackers need more than just your password to access sensitive accounts. That way, If you do hand over your credentials in a phishing attack, hackers won’t have everything they need to log in and wreak havoc.

Follow these steps and you’ll be prepared to avoid the pain of getting spear-phished. These tips are also good for avoiding coronavirus scams as well as tax scams. While you’re learning how to stop hackers from making your life harder, you can also avoid getting malware on your Android phone and keep it safe even if it’s refurbished.

Source : CNET Read More

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

Charge Your Phone Wirelessly With 50% off a Multifunctional LED Lamp

Published

on

Best Tech DealsBest Tech DealsThe best tech deals from around the web, updated daily.

White Wireless Charge Lamp | $18 | Amazon | Clip coupon + code ABC88699
Black Wireless Charger Lamp | $20 | Amazon | Promo code ABC88699

When you’re ready to turn in for the night, you don’t want to forget to charge your phone— especially if your mobile device doubles as your alarm clock.

With this wireless charger lamp, you can make this crucial step of your nightly routine even easier by just setting your phone on the wireless charging pad and… well, that’s all there is to it!

Advertisement

Other functions include multiple lighting modes as well as a sleep timer option for auto shut-off of the light after 30 or 60 minutes.

This lamp can be yours in white for $18 if you clip the coupon on Amazon (it’s below the original $40 price) and add promo code ABC88699 at checkout.

You can snag the black version for $20 using the same code—no coupon though, sorry.

Don’t sleep on this deal! Who knows how long stock or the coupon code will last?

Advertisement


Source

Continue Reading

Tech

Keep That Hotdish Hot With 65% Off a Luncia Casserole Carrier, Only $11 With Promo Code

Published

on

Best Home DealsBest Home DealsThe best home, kitchen, smart home, and automotive deals from around the web, updated daily.

Luncia Double-Decker Dish Carrier | $11 | Amazon | Promo code SDDU9S7F

It has been a long time since the days we could safely have a potluck or other gatherings, but we have a fantastic deal perfect for once those times return. These double-decker Luncia dish carriers can be had for 65% off when you add promo code SDDU9S7F at checkout and clip the coupon on the site (it’s just below the price). These holders fit 9″x 13″ sized baking dishes.

Advertisement

That means you can insulate and keep two dishes of food warm for only $11 instead of $30. What’s more, your Luncia carrier will arrive by Christmas if you order today as a Prime member.

Just add promo code SDDU9S7F and clip the 5% off coupon to bring the price down to $11 for the blue or the grey option.

Advertisement

Grab this offer while it’s still around!


Source

Continue Reading

Tech

Conquer Your Pup’s Dander and Fur With $700 Off a Cobalt or Charcoal Bobsweep PetHair Plus Robot Vacuum

Published

on

Best Home DealsBest Home DealsThe best home, kitchen, smart home, and automotive deals from around the web, updated daily.

Bobsweep PetHair Plus Robot Vacuum & Mop (Cobalt) | $200 | Best Buy

Bobsweep PetHair Plus Robot Vacuum & Mop (Charcoal) | $200 | Best Buy

Allergies can be bad enough as the seasons change. Don’t let pet hair and dander add to that by vacuuming it up early and often. That chore is easier said than done— unless you have a robot vacuum to do the work for you. This lovely bright cobalt Bobsweep PetHair Plus robot vacuum and mop, only $200 today at Best Buy seems like an ideal option. That’s a whopping $700 off, by the way.

Advertisement

You can get the same deal for the charcoal version of the robot vac, too. This model is not only specially made for picking up pet hair, it self docks and charges when it’s finished with the work.

It also comes with a mop attachment, so it can take care of those kitchen floors for you as well. Grab it while it’s still available for this fantastic price!

Advertisement


Source

Continue Reading

Trending