How to Prevent Phishing

Phishing is an attempt to gain access by email, and scammers use many different types of email approaches. Learn about them HERE.

DO (for Phishing Prevention)

  • DO Take All Personal Info Off Public Sites. Sometimes scammers can figure out your security question answers by looking at your Facebook page. Change your security questions. They could have been captured by a previous breach.
  • DO Update Computers, Phones and Other Devices as soon as updates are available. Updates often contain patches to known security holes.
  • DO Avoid 3rd Party Email Productivity Apps like Edison, Cleanfox and Slice, which collect data from your email to sell. Though they specify that they keep the data anonymous, the data can be tied back to specific people.
  • DO Look at the URL. Secure sites will have a 🔒 icon in the beginning or an “S” right after the http. The “S” stands for secure. Any genuine account login page or form will have an https:// URL.
  • DO USE a Communication Platform, such as Microsoft Teams, to Cut Down on Your Emails. The fewer emails you have to get through, the less likely you are to get hooked by a phishing attack.

DON’T (to Prevent Phishing)

  • DON’T Act Quickly. Review emails carefully. Make sure the URLs match the link texts. Roll over the “from” name and any links or buttons.
  • DON’T Verify by SMS (texting). Use an authentication app such as Google Authenticator (App Store / Play) or Microsoft Authenticator (App Store / Play).
  • DON’T Download Files From Cloud Services from an Email Link. Log into those sites (e.g., Dropbox, Google Drive) and see if the file is there. If it isn’t, contact the sender to make sure it is legit.
  • DON’T Click on Any Links, Reply to the Email or Call the Number Provided in the Email. Talk to the sender by using a phone number or email you already have to verify that the email is real. If you don’t have a number, visit the company website directly and find it.
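
The "make sure the URLs match the link texts" and https checks above can also be run automatically over an HTML email body. The following is an added example, not part of the original tips; the function names and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Hostname if value starts like a web address (http(s):// or www.), else None."""
    url = (value.lower().split() or [""])[0]
    if url.startswith("www."):
        url = "http://" + url
    if not url.startswith(("http://", "https://")):
        return None
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # malformed address, e.g. unbalanced brackets
        return None
    # Treat www.example.test and example.test as the same site.
    return (host[4:] if host.startswith("www.") else host) or None

def check_links(html):
    """Return (visible text, href, finding) for each link worth a second look."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        shown, real = host_of(text), host_of(href)
        if shown and real and shown != real:
            findings.append((text, href, f"text shows {shown} but link goes to {real}"))
        elif real and not href.strip().lower().startswith("https://"):
            findings.append((text, href, "link is not https"))
    return findings

# Constructed sample email body using reserved test domains (not a real message).
SAMPLE = ('<a href="https://login.example-billing.test/reset">https://www.mybank.example/login</a> '
          '<a href="https://www.mybank.example/help">help page</a> '
          '<a href="http://portal.mybank.example/">portal</a>')
```

Calling `check_links(SAMPLE)` flags the first link (the text shows one site, the link goes to another) and the third (plain http), and leaves the second alone. A link whose visible text is plain words passes the first check, so rolling over links and buttons as described above is still needed.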

NEVER! (Phishing Prevention Tips)

  • NEVER Send Your Social Security Numbers, Account Logins or Credit Card Information in an Email.
  • NEVER Provide Sensitive Information over the Phone To Someone Who Called You (or sent a phone number by email as mentioned earlier). Always use a known number or find a direct number on the company website.
  • NEVER Download Email Attachments unless you know the sender and have verified that they sent the email.
  • NEVER Download Drivers or Software Patches. Your IT team should be maintaining this for you and can apply these remotely or over a secure connection.

Lastly, know that emails aren’t the only mode of attack. They can start with a phone call or text. With all of these tactics, your best defense is training your team on how to avoid falling victim.

Got Phished! Now What?


Credited to: https://swatsystems.com/