Email or phishing scams represent one of the most common ways cybercriminals attempt to gain access to your information or to get you to send money, gift cards, or other goods. In these types of scams, attackers lure you into taking an action like clicking on a link, downloading a file, or providing account information. The attackers will often pose as someone you trust, such as a friend, family member, colleague, or supervisor. Learning to recognize phishing scams is the first step in defending yourself against them.
- Take your time – Cybercriminals are very good at trying to get people to take immediate action. Slow down and decide if the information seems unreasonable or too good to be true before taking any action such as downloading a file, clicking on a link, or responding to a text. Be suspicious and don’t send money, gift cards or account passwords via email or text.
- Consider the source – Pay attention to the sender of the email. Is it the correct address? Does the link or attachment seem reasonable? Best defense is contact the sender making sure it was a legitimate message. If you’re suspicious, forward potential phishes to firstname.lastname@example.org.
- Lock it down – Create a unique and strong password for every account you own and don’t reuse or share passwords across multiple sites. Using multi-factor authentication (MFA) adds an extra layer of security across your accounts.