Let’s take a look at how to prevent phishing attacks in 2023.
Since the pandemic, phishing attacks have skyrocketed. The majority (over 95%) of them happen via email.
This concerns not only businesses but regular internet users too – people are being tricked into giving up their personal data, such as social media account credentials, credit card information, or even social security numbers.
This is especially important around the holiday and shopping season, as hackers tend to prey on people looking for better product/service deals and discounts.
Keywords, although competitive, have very high search volumes.
All of this makes an article on phishing and how to protect yourself from such attacks a lucrative content opportunity that could potentially bring in a considerable amount of organic visitors.
How to Prevent Phishing Attacks in 2023
Phishing attacks that are often meant to steal personal data, such as account credentials or credit card information, are one of the most frequent hacking attempts that are only increasing in popularity.
Not only this can end up in, for example, social media accounts being stolen, but also financial losses or even identity theft.
Knowing how to identify a phishing attempt, and how to protect yourself from such attacks can save you a lot of trouble, as especially during shopping periods, an increasing amount of people are being targeted.
It’s essential not only to react to such attacks but take preventive measures too, as removing your data (email address or phone number) from various listings can significantly reduce your chances of being targeted by such an attack.
What Is a Phishing Attack?
In the broadest sense, a phishing attack is meant to lure out various personal information, such as said login credentials, financial logins, etc.
It is often carried out by criminals sending an email, a text message (‘smishing’), or even calling (‘vishing’) and pretending to be a representative of a legitimate institution, for example, a bank, a well-known online shop, government, etc.
During such attacks, the victim is often asked to provide (or confirm) some of their personal information (by asking to enter their credentials using a fake link, for example).
A sense of urgency often accompanies this – your account has been breached, there’s a very limited and exclusive deal, etc.
Types of Phishing Attacks
- Phishing and email phishing. The most commonly known methods of phishing – hackers imitate a legitimate business or an institution and send out massive amounts of emails. In this case, it’s more about quantity than quality.
- Spear phishing. Phishing attempts aimed at an individual or an organization are tailored more carefully.
- Whaling. Phishing attacks aimed at CEOs or other high-profile people.
- Smishing. Phishing via text messages.
- Vishing. Call phishing.
- SEO phishing. Hackers aim to rank fake websites high in Google’s search results, so people would visit these sites by entering queries on Google.
How to Spot a Phishing Attack:
- Sense of urgency. This is meant to make people react quickly without thinking the situation through.
- Too unreal to be true. This can be either an offer too good to pass or a bad situation that seems too unreal, contributing to the sense of urgency, and not allowing the victim to think.
- Unusual sender. Most phishing attacks try to imitate a legitimate sender (phone number, email address). However, there’s usually something off, e.g., a letter is left out.
- Bad grammar. Grammar mistakes often accompany phishing emails and texts.
- Hyperlinks. Hyperlinks and shortened links that lead to fake pages are often used.
- Attachments. File attachments, especially .exe files, are also found in phishing attempts. These often contain malware or ransomware.
- The more data points the attacker has (email, employer, physical address, the more likely the attack is to succed.
What Proactive Measures Should Be Taken
Never give out your personal information (email, phone number) to unknown sources that ask for it.
Install antivirus software and use a password manager to generate unique and complex passwords for your accounts.
However, your contact information is likely already in various databases.
Data brokers that maintain such databases sell data not only for marketing purposes but also to various criminals that use this information for phishing attempts.
Therefore, removing your data from as many databases as possible is crucial.
Tools, such as Incogni, contact data brokers and ask them to remove your personal information from their databases for you.
This can significantly reduce the number of phishing attacks against you, as fewer hackers will have any means of contacting you.
Incogni is Here to Help!
- US customers can now get Incogni on NordVPN.com checkout:
- 2 years + 3 months of Incogni cost 3.59 USD per month
- 1 year or 1 month plan costs 3.99 USD per month
Incogni makes a list of data brokers that are likely to have customers’ information (such as Social Security number, physical address, phone number or email address);
Such data can be used for marketing, recruitment, financial, health purposes or even further scams and phishing attempts.
This can result in unwanted ads, influence loan eligibility or insurance rates, and increased risk of attacks.
After a list of potential data brokers is made, removal requests to delete personal data are sent out.
Even after deleting user information, brokers are still being sent the data removal requests on a recurring basis, because they tend to collect the person’s information again after some time.
Users can monitor the process (potential databases found, requests sent, requests completed) on their Incogni dashboard.