At Firelands Federal Credit Union, we want to ensure that our members have the resources they need to be safe and secure online. This Cybersecurity Awareness month, we're focusing on the dangers of phishing attacks and the steps you can take to avoid them.
What is phishing? Phishing is a method scammers use to trick you into giving them your personal information by sending emails and text messages that may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website, or an online store and are often generically phrased not to include names or other personal information that real businesses would have.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. Once you open the attachment or click the link, the scammers may attempt to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could access your email, bank, or other accounts. Scammers launch thousands of phishing attacks every day — and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.
How to protect yourself from phishing attacks:
1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. The additional credentials you need to log in to your account fall into two categories:
- Something you have — like a passcode you get via an authentication app or a security key.
- Something you are — like a scan of your fingerprint, your retina, or your face.
Multi-factor authentication makes it harder for scammers to log in to your accounts if they do get your username and password.
4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.
5. Think twice. If you get an email or a text message that asks you to click on a link or open an attachment, answer these two questions: 1. Do I have an account with the company or know the person that contacted me? 2. Was I expecting this email?
- If you answer “No” to both questions, it could be a phishing scam. If received, report the suspected message and then delete it.
- If you answer “Yes” to both questions, contact the company using a phone number or website you know is real. Not the information in the email. Attachments and links can install harmful malware.