We Are All Phishbait!

Phishing for our information!

Phishing is the act of targeting someone by contacting them, usually by email, while posing as a legitimate organization in order to scam that person into providing sensitive personal information such as banking card information, credit card details, or passwords.  In many different ways, people are trying to bait you with offers that are too good to be true, demands that you must act immediately, or one solution that promises to solve all your problems.  This is a SCAM!  Do not fall for it, and do not willingly provide any information in response to a random message (email or text) unless you are specifically expecting to provide such information for a capability or service that you have intentionally sought out (new banking institution, online merchant, etc.).

Recently, there have been a number of cyber crimes where ransomware (hackers lock you out of your computer and demand that you pay to restore access) has shut down major health care organizations, city and county government organizations, and multiple businesses as well.  During the 2016 US Presidential Election, information belonging to the Democratic Party's senior leadership was compromised and multiple emails were shared with the public.

All of these types of issues were the result of phishing attacks.  What usually happens is that scammers use social engineering (the manipulation of people into sharing personal or confidential information).  After looking at our Facebook pages, LinkedIn pages, or other forms of social media, they learn about who we are and what we do, then attempt to take advantage of some type of human flaw to get us to divulge information that we wouldn't intentionally be willing to share.  This weakness is the kindness in our hearts as people and our desire to connect with the people around us.  Exploitation of these friendly connections results in getting email addresses and other contact information.

These scammers/hackers will contact us by phone call, text message, or email.  Within an email may be a web link that appears to provide easy access to a familiar webpage, but the scammer/hacker has adjusted the link to either redirect through their computers or send the information to a completely fake website that fools many people into thinking it is the real thing (and they are really good at faking websites).  It's even harder to confirm the right website on our mobile devices (iPhones, Androids, Fire tablets, etc.).  If we do put in our login information, the scammer/hacker will collect that information and lock us out of our own account on that website or, even worse, use that information to steal from our other personal accounts (banking, credit, etc.).  This is made even worse because we need complex passwords to make cracking our passwords hard for other criminals, so in many cases people re-use complicated (or sometimes not so complicated) passwords.  If we receive a text message with a link, it is just as bad as the email previously mentioned.  If they call us, they will create some emergency that forces us to react, but if I didn't initiate the call, then it's NOT my emergency and it shouldn't be yours either, so don't fall for it.

If you are worried about the issues listed here, there are a few simple recommendations to follow that will help prevent this from happening to you:

1) Use multi-factor authentication (SMS isn't great but it's better than nothing).  It is recommended that you use an authenticator app like those from Google or Microsoft (they can easily be downloaded from the associated app stores).

2) AVOID clicking on links from emails.  If you need to visit a website, type in the website address yourself.  Unless there is a reset that you specifically requested, attempt to avoid clicking any link in an email.

3) Use a password manager.  There are many out there and they will recommend complicated passwords that can be saved in an app on your phone and shared to your computer.  Any one of them, such as Dashlane, LastPass, 1Password, Keeper, or Zoho, can help you keep your information safer (there is no ultimate solution, only a better solution).  The following link provides a recommended list by PC Mag: The Best Password Managers for 2019.

If you own a business, you need to invest in a spam filter such as Barracuda, or get help picking one from the following list by Top 10 Reviews: Best Spam Filters of 2019.  And, the last recommended step I have is to invest in cyber crime insurance: The Top 5 Cyber Insurance Carriers on the Market.

There are many people out there trying to get your information.  If you follow the simple recommendations above, you will be so much better prepared than many people out there on the internet.  Again, there is no one-stop-shop solution to keep you safe from everything, but following these steps can definitely help keep you safer than most out there.