You’ve won a cruise and need to confirm your address! Your bank account has been breached and you must update your password. Your latest online purchase is missing some credit card information, please respond.
These are all examples of phishing, a data-snatching technique that puts you at risk for identity theft and fraud. While cybersecurity incidents like the recent attack on Equifax may attract more headlines, phishing is a regular occurrence for most Americans. Are you protected?
Q: What is phishing?
Phishing is the act of using some kind of “bait”—hence the play on the word fishing—to entice you to accidentally provide sensitive information to a malicious source.
Q: What form does it take?
Phishing can come in any communication form: phone calls, text messages, emails, messaging apps, even on a social media platform like Facebook. Typically, you’ll receive a message that you need to confirm your identity or personal information. When you respond, you are unknowingly interacting with a disguised source.
The hackers camouflage themselves as a legitimate organization. They may pretend to be your bank, your credit card company or an online retailer. In some cases, the hackers have even broken into the legitimate organization to send the fraudulent message.
Q: How can I protect myself?
Whenever you receive a request for personal information, assume the worst. If you believe it may be legitimate, contact the organization directly rather than responding to the request.
Monitor your accounts
Login to your financial accounts and credit record regularly to watch for fraudulent activity.
Use robust passwords, and update frequently
Put reminders on your calendar to update sensitive passwords, and use robust passwords that combine random letters, numbers and symbols.