Cyber Spotlight
Recently, I upgraded several lines with our cell phone provider, which resulted in my dad and I getting new phones. The account is under my name, but a few days later he received a text message purporting to be from our cell carrier stating that he owed [insert high but realistic dollar figure here] as a result of getting a new phone. Conveniently, the message included a link to click to get more information.
Dad: “Hey, Meghan, take a look at this. Do you think I should click it?”
Meghan: “Noooooooooooo! Don’t take the bait!”
Get it?
Phishing, whether via e-mail, text message, or now even with AI-enhanced phone calls, are the most common way for scammers and cyber threat actors to get your information. For them, information is money in their pockets! A lot of these phishing attempts are sneaky ways to get you to type in your username and password to something, but even just a click can result in a lot of time and headache.
Here’s some tips to try and protect you and your devices from these phishing scams:
-
Go slow! Scammers rely on us responding to their sense of urgency, which can override our own common sense. Take your time to read the message and think, Did I really order something from FedEx? Was I on the highway recently where I would have used by EZ Pass? Or in my dad’s case, the AT&T bill isn’t even in my name so how would they know if I owe anything or not?
-
Take a look at the sender. This is a bit easier when you’re looking at an email, but either way. Do you know this person or organization? A lot of phishing emails look like they are going from a legitimate company, but really they have made up an e-mail address that looks very similar. If you are on a desktop computer, you can use your mouse to hover over the sender (without clicking!) to see if what they have typed as the e-mail address is really the actual sending address (For example, the message says it’s from Bank of America but the e-mail address is actually “bankof.ameriica.com”). If you’re on your phone, it is a little tricker, which means don’t click on any links in the message itself. If you think it’s from a legitimate sender, say an online shop you frequent often, log into your account to check the message that way instead of clicking on the link.
-
Remember you are (sort of) invisible to these big companies! There’s a lot more to be said here, but what I mean is: Microsoft/Apple/your favorite three-letter federal agency do not have the time or inclination to notify everyone individually about a bill owed or software that is out of service. No one will ever call, text, or e-mail and let you know that they found something on your machine and for $19.99 will clean it up for you. In that regard, you are not on anyone’s radar. So, if you get a call like that, hang up, or if it’s an e-mail or text, just ignore it.
In the wise words of Gandalf — keep it secret, keep it safe.
Have a cybersecurity related question? Send your question(s) to the Communicator and see if makes the next issue!