Sharpen Your Ability to Spot Phish

The other day, a friend asked me why so many people become victimized by malware (malicious software) that damages and steals information from personal computers and other electronic devices that are connected to the Internet.

Without even hesitating, I said, “Because they get tricked into clicking on links in emails and websites that plant the malware on their device. At that point, it’s almost always too late to stop the bad consequences.”

My friend then asked, “What’s the best way to not ‘get tricked’?”

Good question.

The easy answer is, “Don’t ever click on a link in an email that you’re not 100% certain is from a legitimate source. Otherwise, you may be the victim of a phishing email (an email that tricks you into providing personal and financial information used for identity theft and other forms of fraud) or you may unknowingly download malware that harms your computer.”

But the reality is that it’s getting harder to spot phishing emails and/or emails that trick you into clicking on a link or going to a website that downloads malware onto your device.

The criminals are getting more sophisticated with the fraudulent emails they send and websites they create to commit their crimes.

To demonstrate that reality, I’m going to suggest that you check out two articles I bookmarked earlier this month and take a test to see if you can identify fraudulent emails – phish.

The first article, “Can you spot the phishing scams and stay safe online?” provides a few Do’s and Don’ts when it comes to spotting and dealing with phish and other malicious emails.

But, equally important, that article mentions an Interactive Phishing Quiz that Intel Security and CBS News created so that folks can test their ability to differentiate between a phishing scam and a legitimate email.

That quiz can be found at the bottom of the article, “Phishing quiz: Can you spot a scam when you see one? Don’t be so sure.”

And I have a suggestion to make the test as clean as possible. First, before you read any of the other material in those articles, take the interactive quiz at the bottom of the article linked in the previous paragraph and see how you score.

I scored 80%. That score puts me ahead of most security professionals – but I still was tricked a couple of times.

So for the fun of it – the challenge – see how you do and then read the suggestions in the articles.

But, most important, I want you to develop a mindset where you are suspicious of every email you receive until you examine it and determine that it’s safe.

Whenever in doubt – any doubt – don’t click on a link in a suspicious or unexpected email.

If it purports to be from a website that you do business with, ignore the provided links and go directly to that website from a link you’ve previously bookmarked. If the email is genuine, all the data and links you need will be at the website you reached independently of the email.

Yes, I know. It’s sad that in this day and age we can’t even trust email. But that’s the reality we live with today.

As always, please email me your questions and comments – [email protected]

Be safe, secure and free!

Rob Douglas – Former Washington DC Private Detective

