A decade ago, if someone told me I needed to learn about phishing, I would likely have gone and picked out the newest book on bait and hooks and started studying. Today, that instruction has a completely different meaning. If you have a work email or use a work computer, there’s a good chance you’ve learned a thing or two about the other kind of phishing by now, whether it be from a mandatory course or from your own personal experience. Either way, it’s not exactly the most fun. But it’s important.
Phishing is a tricky tactic used by scammers in which they’ll contact you through your email or phone and attempt to trick you into giving your information. There are numerous strategies they might use, but there are also some ways to protect yourself. From using a burner phone app to simply studying up on the signs that a scammer is contacting you, here are some of the best and simplest ways to protect yourself from phishing emails and to keep your important information safe.
1) Familiarize yourself with the signs
The unfortunate thing about phishing emails and phishing texts is that they can be extremely convincing. I’ve been fooled myself; I once received a call from someone that came up on my phone as “Apple Inc.” with the Apple logo as a contact photo. It seemed legitimate, so I picked it up and a real person on the other end informed me that someone hacked my Apple account. Alarmed, I followed their instructions as they led me through my phone’s settings, explaining that they were helping me change my passwords and protect myself. Fortunately, I became skeptical once they asked for a few pieces of information from me about my phone and my account, and I hung up without giving them answers. After that, shaken up, I did a little self-educating and taught myself a bit more about phishing attempts, finding a few common tactics:
- They’ll send an email, call, or text alerting you your information has been hacked or that there’s been a suspicious log-in attempt
- They’ll send a link for you to click on – beware of links!
- They’ll bring up payment information in some way (it didn’t go through, there’s been a problem, etc.). Anything to get you to share your payment information with them.
- They’ll claim you’re eligible for something (a reward, a government grant, a refund) and include instructions to redeem
- They’ll pretend to be someone important and ask for a favor
And finally, they’ll often pose as a company or institution or even a person you know or trust, which leads us to our next tip…
2) Know Contact Strategies
In a constantly changing digital world, it’s impossible to know exactly how each important institution in your life might contact you in the case of an emergency. There are simply too many ways, and that form of contact might change. But it’s important to pick a few important accounts or digital spaces that have a lot of your information, like your bank or your Google account, and have a basic understanding of ways they might contact you in an emergency, and ways they never would. A lot of companies, such as Apple, will be prepared to educate you. When I searched “Apple phone call scam” online after my phishing scare, I immediately found a forum from Apple itself that explicitly said Apple will not call you, and if you get a call from anybody claiming to be Apple, it’s fake. My bank, too, has information online about how they’ll contact you in case of an emergency, or at least how they won’t contact you. If you choose some spaces that have a lot of your information, or at least the most important information, and just refresh your knowledge every now and then of how they will or won’t contact you in an emergency, you can protect yourself from getting scammed.
3) Protect Your Information With a Burner
Usually, when I hear the words “burner phone,” I think of action movies and murder movies and crimes. It doesn’t really seem like real life. But newsflash: burners, whether it’s a burner email or a burner phone, can be used to protect your privacy and information from phishers. If you have an email that you use for websites, one that you receive a lot of junk mail to and that you don’t use for your personal correspondence or for work, that’s technically a burner. If you don’t have one, we suggest you make one. And if you want to take your protection to the next level, we suggest you use a burner phone app, too. Thanks to new technology, a burner phone doesn’t have to be another physical phone you own anymore; it can actually just be a way for your phone to act as multiple phones, with different cell phone numbers for different purposes, but all of them linking back to your one, single phone. Burners, whether it’s a phone or email, are the perfect way to protect yourself from all of the “what if’s.” You can shop online and you can give your cell phone number to that dating app, but if you want to reduce the risks of falling for phishing emails, calls, or texts, you can use a burner for anything that makes you feel skeptical. Keep your personal email and phone number for the people you trust in your life, keep your work information for your workplace specifically, and have a burner for anything you feel could be a risk. This is the age of phishing; burners aren’t just for movies anymore.
More Tips: the Basics
The three tips above are some simple ways that you can educate and protect yourself in case of a phishing attempt. If you follow those tips and do your homework on phishing, you should have a decent foundation to protect yourself. However, that’s not all you can do. Here are a few more basic tips to keep you safe.
- If you don’t have an account with the company or institution contacting you, there’s a good chance it’s a scam. How could you have an account or payment issue if you’ve never set up an account?
- Take note if the rhetoric of the email seems fishy (pun intended). For example, if a company you do have an account with contacts you and calls you something like “Dear,” know that it’s probably a scam. Apple isn’t going to call you “Dear.” Neither is Tesla.
- Avoid sending your personal or financial information over email. Even if you’ve received an alarming and convincing email, see if you can speak to a representative first.
- Use unique passwords and two-factor authentication
- Get software to protect your devices. It’s worth it.