Phishing Detection Tips

1. Think Before You Click

Be cautious about clicking on links in emails, especially if the email is unsolicited. Hover over the link to see where it really goes before you click on it.

2. Look for Poor Grammar and Spelling

Many phishing emails contain obvious spelling mistakes or grammatical errors. Legitimate companies usually proofread their communications carefully.

3. Be Suspicious of Unusual Requests

Be wary if an email asks for sensitive information, such as passwords or credit card details. Legitimate companies will never ask for this information via email.

4. Check the Email's Tone and Language

Phishing emails often try to scare or pressure you into acting quickly. If an email is aggressive or urgent, take a moment to verify its legitimacy.

5. Inspect the Email Signature

Legitimate companies usually provide contact details in their email signatures. Be wary if the email is missing a signature or has only vague information.

6. Verify the Sender's Email Address

Phishers often use email addresses that look similar to legitimate ones, but with slight variations. Always double-check the sender's email address before clicking on any links or downloading attachments.

Example: Look for subtle differences, such as a missing letter or a domain that looks slightly off (e.g., @amaz0n.com instead of @amazon.com).

7. Be Cautious with Email Attachments

Email attachments can contain malware or viruses. Avoid opening attachments from unknown or suspicious sources. If you're expecting a file from someone, confirm with them directly before downloading and opening it.

Example: If you receive an unexpected invoice or document, contact the sender via a different communication method (e.g., phone call) to verify its authenticity.

8. Don't Trust Pop-Ups or Unexpected Redirects

Pop-ups and unexpected redirects may attempt to trick you into providing personal information. Avoid clicking on them and close them immediately using the "X" in the corner, not by clicking any buttons within the pop-up.

Example: A pop-up might claim that your computer is infected and urge you to download software to fix it. Instead, run your antivirus software to check for issues.

9. Check for HTTPS and Padlock Icon

Ensure that the website you’re visiting uses HTTPS (not HTTP) and displays a padlock icon in the address bar. This indicates that the connection to the site is encrypted; it does not by itself show that the site is legitimate.

Example: When shopping online, look for https:// in the URL and a padlock icon next to it. If these are missing, avoid entering sensitive information like credit card details.

10. Educate Yourself and Stay Updated

Phishing tactics evolve constantly. Educate yourself on the latest phishing scams and strategies. Many cybersecurity websites and tools offer regular updates and alerts about new threats.

Example: Sign up for cybersecurity newsletters or follow trusted organizations on social media to stay informed about new phishing techniques.

11. Enable Multi-Factor Authentication (MFA)

Enable MFA on all your accounts where possible. MFA adds an extra layer of security by requiring not just a password but also a second form of verification (like a text message code).

Example: Even if a phisher obtains your password, they won’t be able to access your account without the second verification step.

12. Beware of Fake Urgency

Phishers often create a sense of urgency to compel you to act quickly without thinking. Be cautious of emails or messages that demand immediate action, like "Your account will be suspended!" or "You’ve won a prize!".

Example: If an email urges you to "act now" or risk losing access to an account, take a moment to verify the legitimacy before responding.

Try Our CyberSafe Extension

Protect yourself from phishing attacks with our CyberSafe Extension, which includes phishing detection, adblock, and a data breach checker.
