Cyber Risks & Liabilities January-February 2022

How to Detect a Phishing Campaign

Each year, cybercriminals get smarter and find new ways to get personal information from online users. A common method cybercriminals use is phishing campaigns. Phishing is an attempt by a third party to solicit confidential information from an individual, group or organization by mimicking or spoofing a specific brand, usually for financial gain.

Statistics Canada determine that more than 1 in 3 Canadians have received a phishing attack. Because it’s so common, it’s important for people to be able to recognize the warning signs of a phishing message.

The following are email elements to look out for when spotting phishing messages:

1. The message asks for personal information.

Anytime an email, text or phone call asks for personal information, it should raise suspicion. Sometimes it can seem difficult to say no, especially if the email looks like it is from a supervisor or someone else of authority, but it doesn’t hurt to be cautious. Contact the person or organization that supposedly sent the information to verify the message. Most legitimate organizations will never ask for personal information via email or text.

2. The message involves a threat.

The sender of a phishing email wants the recipient to take some sort of action, and they usually do this by using a threat, such as pursuing legal action if the request goes unanswered. It is natural to want to respond to this type of email but think carefully about whether it is a legitimate request.

3. The sender is suspicious.

When receiving a strange email, take a look at the sender’s email. While the name might look legitimate, the email itself might have some clues. Phishing email addresses are often misspelt or do not match the normal naming structure of the organization from which it is pretending to be.

4. The sender wants a link to be clicked.

Oftentimes, phishing campaigns want the recipient to click on a malicious link to a website or to download a file in an attempt to get information off the user’s computer or network. Do not click on any links unless it’s known for sure it is from a legitimate source.

Contact The Hull Group today to learn more about different ways to prioritize cybersecurity.

How to Use Public Wi-Fi Safely

Public Wi-Fi is convenient to use and can help prevent having to use mobile data, but it can also present some risks. Cybercriminals can attempt to hack into a device through unsecured Wi-Fi networks. They can also eavesdrop on Wi-Fi signals to access personal information and login credentials. They could also use an unsecured Wi-Fi network to spread malware to other devices on the network. Some public Wi-Fi networks can even be fake hotspots that lure in users by having a similar name to the legitimate hot spot.

To avoid these types of situations, follow these tips to use public Wi-Fi networks safely:

• Turn Wi-Fi off when it’s not being used. Most devices that connect to Wi-Fi have a way to turn it off. When Wi-Fi isn’t needed, toggle that feature off so the device won’t search for it or connect to nearby networks.
• Use a firewall. When possible, install a firewall onto devices. A firewall is a security barrier between two networks that control the amount and kinds of traffic that may pass between the two. This protects local system resources from being accessed from the outside.
• Use a virtual private network (VPN). When utilizing public Wi-Fi often, it’s a good idea to use a VPN, as they direct all web activity through a secure, independent network that encrypts and protects a user’s data. Most internet service providers offer a VPN as a secondary service.
• Browse securely. Never trust the wireless encryption on a public Wi-Fi network. Instead, make sure websites scramble data by enabling secure socket layer encryption in the settings of the sites being visited. Additionally, make sure websites use HTTPS, which is more secure than regular HTTP sites.

Contact us today to learn more about staying protected from cyber threats.