How to Avoid Being Phished
Since the beginning of the internet there have been persons who see the internet as a place to exploit users. Phishing scams are some of the oldest scams on the internet. They will not go away any time soon. There are ways to avoid becoming a victim yourself. Remember there is no single foolproof way to avoid phishing attacks.
Here are some guidelines to keeping yourself safe:
- Keep Informed About Phishing – New phishing scams are being developed all the time. CSUN will post information about phishing scams, so please visit this web site often. By finding out about them as early as possible, you will be at much lower risk of getting snared by one. Taking the CSUN security awareness training is critical to understanding phishing, so if you have not done so, please complete as soon as possible.
- Think Before You Click! – Do not click on links that appear in random emails and instant messages. CSUN has a website that explains common phishing techniques. Hover over links that you are unsure of before clicking on them. Do they lead where they are supposed to lead? A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website. The email may ask you to fill in the information but the email may not contain your name. Most phishing are not personalized. When in doubt, go directly to the source rather than clicking a potentially dangerous link.
- Keep CSUN Informed of Possible Phishing Emails – If you believe you have received a phishing email through your CSUN email, please forward it to abuse@csun.edu. CSUN uses these phishing emails to improve its cyber security defenses.
- Keep Your Browser Up to Date – CSUN releases security patches for popular browsers regularly. But you need to update your browsers on your home computers. The minute an update is available, download and install it. Most browsers have ways to automatically update your browser.
- Keep your Antivirus Software Up to Date– CSUN will update your anti-virus regularly. New scams are also being dreamed up all the time so it is important not to block the updates. Make sure your home computer is up to date. Anti-spyware and firewall settings should be used to prevent phishing attacks and users should update the programs regularly. Firewall protection prevents access to malicious files by blocking the attacks. Antivirus software scans every file which comes through the Internet to your computer. It helps to prevent damage to your system.
- Verify a Site’s Security – You should be wary about supplying sensitive financial information online or entering a password. Once you know the site is legitimate, make sure the site’s URL begins with “https” and there should be a closed lock icon near the address bar. If you get a message stating a certain website may contain malicious files, do not open the website. Never download files from suspicious emails or websites. You can’t always trust search engines as malicious sites are created every day.
- Check Your Online Accounts Regularly – If you don’t visit an online account for a while, someone could be having a field day with it. Even if you don’t technically need to, check in with each of your online accounts on a regular basis. Get into the habit of changing your passwords regularly too. To prevent bank phishing and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check each and every entry carefully to ensure no fraudulent transactions have been made without your knowledge.
- Be Very Wary of Pop-Ups – Pop-up windows often masquerade as legitimate components of a website. All too often, though, they are phishing attempts. All popular browsers allow you to block pop-ups. Some sites such as the portal or SOLAR requires pop-ups so you will have to allow pop-ups on these. If a pop-up does look suspicious don’t click on the “cancel” button; such buttons often lead to phishing sites. Instead, click the small “x” in the upper corner of the window.
- Never Give Out Personal Information – As a general rule, you should never share personal or financially sensitive information over the Internet. When in doubt, go visit the main website of the company in question, get their number and give them a call. Most of the phishing emails will direct you to pages where entries for financial or personal information are required. An Internet user should never make confidential entries through the links provided in the emails. Never send an email with sensitive information to anyone. Make it a habit to check the address of the website. A secure website always starts with “https”.
- Install an Anti-Phishing Toolbar on Your Home Computer– CSUN has tools when you are on campus or on VPN that blocks lists of known phishing sites. On your home computer, download an anti-phishing toolbar. These toolbars run checks on the sites that you are visiting and compare them to lists of known phishing sites. If you browse to a malicious site, the toolbar will alert you about it.
