Cybersecurity: How to avoid phishing scams

The information, guidelines and practices included in this article are provided for general information and education purposes and are not intended to provide professional security, risk mitigation or legal advice. Your security policies and risk tools should be tailored to your specific business, systems and practices. We encourage you to consult with a competent professional for any personal advice. Guesty will not be liable or responsible for any liability, loss or damage which may be incurred as a result of acting or refraining from action based on the content of this article
"Phishing" is the practice of tricking internet users into revealing personal or confidential information, which can then be used illicitly.
Since your rental business is internet-based, we thought it would be a good idea to share some common safety guidelines with you. See our suggestions below.

Be aware of phishing techniques

New phishing techniques are being developed all the time, and if you cannot recognize them, you could fall prey to one. So, keep your eyes peeled for news about new techniques.
For IT administrators, ongoing security awareness training and simulated phishing for all users are highly recommended, to make sure security is a top priority throughout the organization.

Think before you click!

It's okay to click on links when you are on trusted websites. Clicking on links that appear in random emails and instant messages, however, is not recommended. If you are unsure, hover over the link before clicking on it and ask yourself - does it lead where it's supposed to?
Whenever you are asked to provide information through a link, please remember that a phishing email may claim to be from a legitimate company, and when you click the link to the website, it may look exactly like the real website. However, the email may not contain your name. Most phishing emails start with "Dear Customer", so be alert when you come across such emails.
When in doubt, go directly to the source rather than clicking a potentially dangerous link.

Install an anti-phishing toolbar

Most popular internet browsers can be customized with anti-phishing toolbars. These toolbars run quick checks on the sites that you are visiting and compare them to lists of known phishing sites. If you stumble upon a malicious site, the toolbar will alert you about it.
This is just one more layer of protection against phishing scams, and it's completely free.

Verify the site's security

It's natural to be a little wary about supplying sensitive financial information online. As long as you are on a secure website, however, you should not run into any trouble.
Before submitting any information, make sure the site's URL begins with "https" and there should be a closed lock icon near the address bar. Check for the site's security certificate as well. If you get a message stating a certain website may contain malicious files, do not open it. Never download files from suspicious emails or websites. Even search engines may show certain links that could lead users to a phishing webpage that offers low cost products. If the user makes purchases at such a website, their credit card details will be accessed by cybercriminals. 

Check your online accounts regularly

If you don't visit an online account for a while, someone could be taking advantage if it. Even if you don't technically need to, check in with each of your online accounts on a regular basis. Get into the habit of changing your passwords regularly, too.
To prevent bank and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check each and every entry carefully to ensure no fraudulent transactions have been made without your knowledge.

Keep your browser up to date

Security patches are released for popular browsers all the time. They are released in response to security loopholes that phishers and other hackers discover and exploit. If you typically ignore messages to update your browsers, you shouldn't. The minute an update is available, download and install it.

Change your passwords regularly

Practice scheduled password changes on your accounts and make sure you are using memorable but complex passwords.
Passwords should always be long. This is the most critical factor. Choose nothing shorter than 15 characters. Also, use a mix of characters. The more you mix up letters (upper-case and lower-case), numbers, and symbols, the stronger your password is and harder to crack.
Avoid common substitutions, which password crackers are aware of. Whether you use DOORBELL or D00R8377, the attacker will crack it. These days, random character placement is much more effective than common leetspeak* substitutions, in which standard letters are often replaced by numerals or special characters.
Avoid using sequential letters and numbers in your passwords, as well as sequential keyboard paths either, such as qwerty. These are among the first to be guessed.

Be wary of pop-ups

Pop-up windows often pretend to be legitimate components of a website, but they can actually be phishing attempts. Many popular browsers allow you to block pop-ups, or allow them on a case-by-case basis.
If a pop-up manages to slip through the cracks, don't click "cancel"! Such buttons often lead to phishing sites. Instead, click the small "x" in the upper corner of the window.

Never give out personal information

As a general rule, you should never share personal or financially sensitive information over the internet. When in doubt, visit the main website of the company in question, get their number and give them a call.
Most phishing emails will direct you to pages where entries for financial or personal information are required. An internet user should never make confidential entries through the links provided in the emails.
In addition, you should never send an email with sensitive information to anyone and, as mentioned above, make it a habit to check the address of the website. A secure website always starts with "https".

Use antivirus software

Special signatures that are included with antivirus software guard against known technology workarounds and loopholes. Just be sure to keep your software up to date. New definitions are added all the time because new scams are dreamed up all the time.
Anti-spyware and firewall settings should be used to prevent phishing attacks, and users should update the programs regularly. Firewall protection prevents access to malicious files by blocking the attacks. Antivirus software scans every file which comes through the internet to your computer. It helps to prevent damage to your system.
Was this article helpful?
0 out of 0 found this helpful