Every day, thousands of people fall victim to phishing: fraudulent attempts to gain private information such as passwords or bank account details. Scammers use email, text or phone call to target unknowing victims and often pose as a trusted entity, for instance, as someone from your bank, the IRS or your utility company.
Phishing is one of the oldest known types of cyberattacks dating back to the 1990s, yet it’s still one of the most common and damaging. According to Pacific Business News, Hawaii consumers lost $6.1 million in 2019 to fraud and other scams. Common complaints filed by residents included imposter scams, identity theft, and prizes.
October is National Cybersecurity Awareness month and we’re sharing with you best practices for phishing defense.
- It could be a trick; think before you click.
Phishers attempt to make phony information look like it’s the real deal. When visiting websites, check for fraudulent domains/sub-domains, misspelled URLs and similar looking characters in URLs. If emailed a suspicious link, check for hidden URLs by hovering your mouse cursor over the link to see the actual URL. Be sure not to click!
- Keep calm and carry on.
The keep calm mantra might be cliché, but it’s useful to remember if you’re ever provoked with urgent language such as “immediate action required” or “act before your account is terminated.” Swindlers try to instill fear and panic, with the intent to trick you into sharing your confidential information or pressure you into sending money by wire transfer or by person-to-person payment like Zelle.
- Keep your private info private.
Know that CPB, and most other legitimate organizations, will never ask for your personal or financial information in an unsolicited email, text or phone call. When in doubt, contact the bank or company directly to verify the communication. CPB’s Chief Information Security Officer shares more tips to keep your private information safe, which you can see here.
- Don’t fall for a spoofed call.
Spammers use spoofing to fake caller ID profiles so it seems you’re receiving a call from your bank or a trusted business. This is done in attempt to trick you into answering the phone. If you didn’t initiate the communication and are being asked to share your confidential information, the best action is to end the call immediately. You can find CPB’s customer service phone number located on the back of your ATM, debit or credit card and call us directly to determine if the request is legitimate.
- Spell check is your friend.
Deceitful emails and URLs are often sprinkled with misspelled words and bad grammar. Those are signs of phishing, so don’t take the bait! Fake texts and emails go without being spell-checked because that detail is also part of the scam. A Business Insider article explains that phishing messages are so obvious because scammers seek gullible targets who, “faced with a ridiculous email, still don't recognize its illegitimacy.”
Being scam savvy is the best defense to keeping your personal information and finances safe. For more fraud prevention information, visit our website.