How to prevent and protect against Phishing

The key to protecting against phishing lies in the ability to recognize the cyberattack as illegitimate. Below are some key recommendations to follow:

• Choose strong passwords and be wary of posting your personal details on social media. Information like birthdates, addresses and phone numbers are valuable to an attacker.
• If there are any suspicions about an email or social post, contact the ICT Support to have them examine the situation.
• Only open attachments from a trusted source. When in doubt, check with the alleged sender directly.
• Note any language differences in messaging or emails that vary from legitimate organizational communications.
• Never give away personal information in an email or unsolicited call. For instance, financial institutions will never call and ask for login credentials or account info because they already have it.
• Inspect emails for typos and inaccurate grammar. This is usually a dead giveaway of less-sophisticated phishing scams.
• Don’t supply personal information via email or text.
• Beware of urgent or time-sensitive warnings. Phishing attacks often prompt action by pretending to be urgent.
• Verify emails and other correspondence by contacting the organization directly. If you think something is fishy, a phone call can quickly identify a legitimate call from a fake one.