Cyber Security Awareness Month-Week 2
October 2017
Here at Fortis, we believe cyber-security is of the utmost importance, and we have made cyber-awareness a top priority for our Clients, Colleagues and Friends. October is National Cyber Security Awareness Month. Fortis is promoting cyber security by sharing weekly tips and information during the month of October.
What is Phishing?
Phishing (pronounced “fishing”) is a kind of identity theft that is growing in popularity among hackers. By using fraudulent websites and false emails, perpetrators attempt to steal your personal data – most commonly passwords and credit card information.
Criminals gain this information by sending you links to bogus sites that look like very similar to your online banking provider, your social networks and favorite shopping sites. Once you enter your login or credit card data they are able to steal it instantly. Some of the most commonly “spoofed” sites include PayPal, eBay, Yahoo! and MSN, as well as financial institutions. Bottom line: don’t think that an email is guaranteed to be safe when it’s not from a bank.
How to protect yourself against phishing
Don’t get pressured into providing sensitive information. Phishers like to use scare tactics, and may threaten to disable an
account or delay services until you update certain information. Be sure to contact the merchant directly to confirm the authenticity of their request.
Make sure you familiarize yourself with a website’s privacy policy. The majority of commercial websites have a privacy policy, which you can usually find at the foot of their home page. The most useful thing to look for is the website’s policy about whether it will or will not sell its mailing list.
Most of the spam you receive on a daily basis – as well as potentially dangerous phishing emails – coming to you because a site to which you have registered has sold your email address to another company. Before registering for a site, check the privacy policy. If you have already registered, try to opt out. Most reputable sites will allow you to do so.
Watch out for generic-looking requests for information. Fraudulent emails are often not personalized, while authentic emails from your bank often reference an account you have with them. Many phishing emails begin with “Dear Sir/Madam”, and some come from a bank with which you don’t even have an account.
Never submit confidential information via forms embedded within email messages. Senders are often able to track all information entered. Never use links in an email to connect to a website unless you are absolutely sure the site is authentic. Instead, open a new browser window and type the URL directly into the address bar. Often a phishing website will look identical to the actual site- look at the address bar to make sure that this is the case.
Make sure you maintain effective software to combat phishing.