Phishing Scams: How to Protect Yourself

Cybercriminals have been getting more sophisticated in their attacks, employing advanced technologies like automation and artificial intelligence (AI) to make their attacks more effective. While it once was considered secure to use a six- or eight-character password to keep your personal information safe, today’s cyber landscape requires stronger, more secure password protection.

Cybersecurity standards for logins have evolved. Law enforcement, cryptologists and cybersecurity leaders now agree that the longer and more complex a password is, the more secure the account it protects. One organization shows that the longer and more complex, the time required to crack the password can change from mere seconds to thousands of years.

One approach for creating secure logins is to replace traditional passwords with passphrases. Let’s look at what those entail.

A common phishing email scam involves a message saying there was suspicious account activity and, to unlock your account, you must provide personal information. Once you provide this information, the phisher can use it to clear out your bank accounts or make fraudulent purchases using your credit card. (A “smishing” scam follows the same logic, except the scammer’s mode of contact is via a text message.)

The most important thing to remember is this: Legitimate companies will not ask you to provide your personal information via email or text. They won’t call you and ask for it either. If you get such a message, immediately recognize it as a scam and delete it.

Financial institutions may notify you that they had to freeze your accounts based on suspicious activity, but then they’ll instruct you to unlock them. Rather than asking for your credentials, they’ll typically ask you to log into your online account over a secure internet connection to verify the transactions.

The moral of this story is if you ever get an email, text or phone call stating that there has been suspicious activity on an account, be on alert.

1. Never click on a link provided in a suspicious email, and don’t call any phone numbers they’ve provided. Instead, visit the organization’s official website and contact the customer service number listed there. Alternatively, you can call the number listed on the back of your bank or credit card.
2. Put your phone number on the Do Not Call Registry to avoid phone calls from scammers.
3. Set up your email inbox to filter out spam and phishing mail.
4. Hover your mouse over every link to verify it is going where you expect it to before you click.
5. 1 in 5 people fell victim to an impostor scam in 2022. In addition to phishing and smishing, these attacks also take the form of vishing (or voice phishing) where someone is impersonating the IRS, police, a bank teller or other forms of authority.

And remember that IdentityForce, a TransUnion brand, is always here to help monitor your identity and credit while providing you with the latest news and information in identity theft protection. IdentityForce can help monitor your identity and credit while providing you with the latest news and information on identity theft protection. Start your 30-day trial of IdentityForce today!