With a Masters Degree in Digital Investigation & Forensics Computing from UCD, Rashmi joined Rapid7 as an associate analyst in 2018. Protecting one's privacy is of foremost importance to her, and she loves to share her cyber safety knowledge and emphasize the importance of security.
Phishing: A guide for parents
Have you ever received an instant message or email urging you to sign into your Facebook, Apple or online bank account? Maybe one that suggested an urgent security issue or that your account will be closed within 24 hours if you don’t login? Or a random message promising a voucher for a local supermarket to the first 50 people who click on a particular link? If you answered yes to any of these questions then like most people you have been a target of phishing. Phishing is when attackers or criminals send fake emails or messages to you in order to gain access to your account logins for fraudulent purposes.
CyberSafeIreland is very focused on ensuring that children are protected online. But as parents, in order to protect them, we also need to think about our own security. Developing good habits for ourselves is the best way to ensure that our kids grow up using technology in a safe, positive and smart way. We have all become reliant on technology, but this presents some challenges for us, one of which is receiving phishing emails, According to
the Canadian government there are 156 million phishing emails sent a day, they are impossible to avoid and becoming very realistic making them hard to identify from legitimate emails. In fact a study by McAfee in 2015 show that 95% of us can’t tell the difference between legitimate and phishing emails.
So let’s take one example. You could get an email that is purporting to be from your company, which would contain a URL and states that your salary has been credited. The link will be for you to login using your company’s credentials. As it turns out, it is the time of the month when you normally get paid so you see nothing suspicious in this. You click the link and are asked to login. Without any further hesitation you enter your email ID and
password into a site with your company’s logo. Little do you know that the website was fake and now criminals have all your details and will be able to login to your company’s website leaving you and your company compromised.
Another method which is most popularly used by these imposters is vishing. Vishing is phishing by voice call. For instance, you receive a call claiming to be an employee from AIB to ensure your account is valid. They ask you to confirm by providing them your name, account number and credit/debit card information. These criminals always pick a time which would be the busiest hour of the day for you. For example, 9 AM in the morning or 5
PM in the evening. This is a trick to persuade you into giving away your confidential information knowing you are in a hurry. By the time you realise this, fraud may have been committed.
Tips and tricks to avoid being taken in by a phishing scam
- THINK BEFORE YOU CLICK LINKS IN EMAILS!!!
- Check the senders email address. Think about it anyone can add the PayPal logo to
- Use secure mail services like Gmail, Proton mail, etc. which have secure filters to
spam all suspicious emails you receive from unknown sources.
- Look out for the grammatical errors in the email. ALWAYS. There is always a
possibility for the criminals to make mistakes. So watch out.
- If you receive an email containing a link, always go to your web browser and enter the website manually rather than clicking the link from email.
- Use genuine and updated web browsers like Google Chrome, Safari, Mozilla Firefox. There is always an option for you to link your browser toolbar and your antivirus.