Pronouncing the word — Phishing — might provide a verbal stumble (it’s “fishing”), but it creates mayhem for everyone who uses a computer or digital device, often with devastating results.
What is Phishing?
Phishing is the illegal practice of trying to trick someone into opening a malicious email, then interacting with them to benefit the intruder and harm the recipient. Invaders try to gain access to your usernames, passwords and sensitive information.
Who Is Targeted by Phishing?
Everyone is a target, from small-business owners and government employees to students and retirees. If you have an email address, you’re at risk. There’s even a subdivision called Spear Phishing that directs attacks at senior leadership and high-profile candidates ranging from corporate executive to major nonprofits and government leaders.
What Happens When You Click the Link
The most common result is that you’ve released malware that harms your computer. It allows the intruder to gain access to private information such as usernames and passwords. But it can get worse. Some intruders will shut down your computer and force you to pay a ransom to regain access. It’s ransomware, the ultimate digital blackmail.
Why Phishing Works
Phishing is everywhere because of our digital world, with emails as a prime example. In 2017, hackers sent about 269 billion (that’s billion) phishing links and expect to reach 333 billion by 2020.
Phishing is a fear monger, which allows it to work so effectively. It occurs with delivery notices (FedEx, UPS, etc.) voicemails, coupons, false invoices, faked accounts and late health club notices. The idea is simple; create fear or tension in the recipient and get him to react. By creating this emotion, many people click on a link — what do you mean I owe the IRS? If even one person in your organization or company clicks on the link, the invader can compromise and devastate your entire network.
Are Small Businesses & Organizations Safe From Phishing?
No. Remember it is software programs (powered by artificial intelligence) that are searching for computers. They don’t know if you’re a mom-and-pop or a billion-dollar corporation. Sometimes, they’re not after your information but your clients’ or customers’ data.
Help. How Can I Protect Myself From Phishing?
No perfect method exists, but you can minimize entry with these actions:
- Question every mail. Sometimes you can tell if it doesn’t seem quite right.
- Question every pop-up. Don’t let a pop-up tantalize you into action.
- It’s amazing how people are afraid to ask an administrator or technician simple questions about security.
- Hover over the link. You can often tell something is “fishy” about it.
- Never send an email confirmation.
- Question every attachment. Many journalists will NEVER reply to an email that has an attachment. They want to remain virus-free.
- Security systems are constantly changing. You can only protect yourself by having the latest security updates and a strong malware program and following common-sense security rules. If you have an organization or business, you must ensure that your IT tech not only understands your network but that he is familiar with the most recent security protocols.
- When in doubt “go old school.” Use what I refer to as “high-speed voice technology.” If the email is from someone you know and it looks fake, pick up the phone and call them to verify.