Memorial Day marks the unofficial start of summer, the season to enjoy some downtime with family and friends. As you relax, remember not to let your guard down when it comes to “phishing.”
Phishing, or the deceitful practice of sending an email designed to entice the user to click on a malicious link or attachment, is one of the most common forms of social attack. In their quest to obtain confidential or personal information for fraudulent purposes, cybercriminals use many devious forms of social engineering to influence behavior. They prey upon human vulnerabilities to tempt people to click. Phishing is a campaign favorite.
The good news is that most people don’t click on phishing emails. According to the Verizon 2018 Data Breach Investigations Report, 78% of people didn’t click on a single phish all year. Unfortunately, an average of 4% of people in any given campaign will click. Though this percentage appears to be low, it only takes one click to let a cybercriminal into a business or personal network.
The best defense is remaining aware and vigilant in managing your in-box:
- Avoid distracted clicking; focus on the task at hand.
- Do not reflexively click. Always think before you click. If you have the slightest doubt, do not click!
- Be cautious of unrecognized senders. Be aware that sometimes email addresses are slightly modified to appear legitimate.
- If you believe you know the sender but are still suspicious, contact him/her to confirm validity before clicking.