3 Ways Not To Get Phished You Can Start Doing Right Now

One of my clients has been battling it out with a group of email phishing scammers trying to trick employees into divulging PII, and because of their industry, they have a lot of PII.

The Tech Group has gotten involved: the network people are securing things further; the Sys Admins are adjusting their filters; and they've even added a banner to every email that originates outside the organization.

But, what about the rest of us? Here are three things you can do to avoid getting phished.

1. Never Email Personally Identifiable Information

Never send out an email containing any information you wouldn't normally feel comfortable shouting across a room filled with strangers. Email is inherently insecure. Do not email, under any circumstance, banking or sensitive personal information. Pick up the phone. Then it's just between you, the person you've called, and the NSA.

2. Don't Be So Damned Click Happy

Links in an email are a great convenience, but for most people, they're also dangerous. When you click a hyperlink in an email, you're not entirely sure where you are going to end up. In about 10 minutes, I can make a website that looks just like your bank and gathers your login credentials. You might not even realize that you've been phished.

Instead of clicking that link, go to your browser and type the address to your bank in. That way, at least, you're sure where you end up. This same idea applies to replying. If you get an email from someone looking for PII, call them up at the main office line for the company rather than replying. Basically, be sure you know who you're communicating with.

3. Don't Lose Your Cool

May of the most egregious phishing scams attempt to use a false sense of urgency to get you to act before you've thought through your actions. It is unlikely that your grandson and has been kidnapped by a Mexican gang. Especially if they're not in Mexico.

If you're being asked to send money on behalf of a relative, confirm with other relatives that the details make sense. Under no circumstances should you act right away. Even kidnappers understand due diligence. So, don't get pushed into acting without thinking.