Phishing attacks are so common nowadays, there's a great chance that you'll have at least one pop into your inbox this week.
Of course, this is nothing new. Criminals have been trying to trick us into handing over sensitive information or infect our devices with malware like this for years.
Which is why it's critical to know how to spot a phishing email. This should help. Plus, we now know which businesses hackers impersonate the most.
Criminals are spoofing these companies
When we first started warning you about phishing emails years ago, they were much easier to spot. Criminals were more careless back then and would send messages full of typos and bad grammar.
Fast forward to today and criminals are using sophisticated tools to spoof messages and websites that make them look official. You might get an email that contains the official logo from a company with perfect language that seems legit.
One of the most common phishing attacks these days comes in the form of an IT scam. You'll receive a message pretending to be from Microsoft, claiming something has gone wrong with your gadget.
To fix the problem, you either need to click on a link inside the message or call a specific phone number. Both methods lead to all kinds of trouble. You could end up handing over sensitive information that will be used to steal your identity or give the crooks credit card data that they'll use to steal from your account.
But Microsoft isn't the only company criminals are impersonating. There are many others. Security firm Vade Secure recently published a list of the 10 most impersonated brands in North America. Here's the list:
10 most impersonated companies
- Bank of America
To no one's surprise, Microsoft is on top of the list. But as you can see, criminals are impersonating plenty of other popular brands, too. Netflix, Facebook, PayPal and more.
If you ever receive an email from any of the companies on the list, be careful. It could be a phishing scam. Keep reading for suggestions on how to defeat a phishing attack.
Ways to outsmart a phishing scam
Be cautious with links
Do not click on web links or open PDF attachments found in unsolicited email messages, it could be a phishing attack. If you need to conduct business with any company, it's always best to type its web address directly into your browser. Never trust a link that's inside a message.
Use unique passwords
Many people use the same password for multiple websites. This is a terrible mistake. If your credentials are stolen from one site and you use the same username and/or password on others, it's easy for the cybercriminal to get into each account.
Also, it should go without saying, but online accounts are so much easier to break into with simple passwords. So if you're still using password1234, stop doing this. Stop yesterday. Click here to find out how to create hack-proof passwords.
Safeguard sensitive data
Unsuspecting people are mistakenly handing over sensitive information to scammers all too often. If you receive an unsolicited email, do not send payment or reply with personal information. You don't want it to fall into the hands of criminals.
If a company that you do business with on a regular basis emails you and asks for personal information, type the company's official web address into your browser and go there directly to be safe. Or, give them a call using a trusted phone number like those found on the back of your debit or credit card.
Apps that are tracking you and stealing your data
Have you ever had an app ask you to access your phone's location? How about the app that wants access to your smartphone camera and contact list. It has become second nature to share this info with the app, but did you ever stop to think: where does all this data go? Our lives are being tracked and sold to companies. In this podcast you will learn who is tracking you, how they can get to your personal information and most importantly where your data is being sent.