One of the most common types of cybersecurity attacks is phishing. Phishing is when criminals use fake emails to lure you into clicking on them and then handing over your personal information or installing malware on your device, either of which can lead to a security compromise.
If you have clicked on a phishing email, complete the steps below to reduce the damage.
If this occurs when you are working in an office, notify the IT department immediately.
Step 1: Close the website that opened from the phishing link
Do not download or fill out any information on the page.
Step 2: Scan for malware
- Mobile devices: Go to the Apple or Play store and scan all apps on applicable devices.
- Desktop/laptop devices: Run a virus and threat protection security scan.
Step 3: Monitor account activity
Make sure that alerts are set up so that you receive notifications of account actions. If you entered any credentials, change the passwords on any accounts that may have been compromised.
Step 4: Reset devices if needed
Consider performing a factory reset if the device was compromised.
- Android devices
- Apple devices
- Reset a Windows device
- Reset a Mac device
Step 5: Disconnect the computer from the Internet (if malware is found)
- Remove any cable or Internet connections.
- Disable cellular connection / enable airplane mode.
Best Practices to Minimize Phishing Email Problems
How to spot a phishing email
To avoid clicking on phishing emails in the future:
- Review all email details for accuracy and don’t click on links that are suspicious.
- Avoid offers of quick income, cash or prizes in exchange for providing personal information.
- Use caution with financial institutions requesting identification or money transfers.
Phishing email example
Review the phishing email below. Warning signs include:
- The email's From address
- The urgency of the message
- The free offer
How to block senders
- Block a sender on Outlook
- Block a sender on Gmail
- Block a sender on Mac Mail
- Block a sender on Yahoo! Mail
Routinely back up your device
Regular backups help protect against data loss while creating a copy that can be recovered in the event of a failure.
- Apple devices
- Android devices
- Computer – external hard drive
Educate your staff
Security Awareness Training helps individuals become aware of best practices to help ensure the security of an organization. This education prepares employees with tools to protect an organization's assets from potential damage.
Contact LaScala today at sales@lascala.com to get started on Security Awareness Training to educate your staff on phishing email safety.