While the world continues to navigate life during a pandemic, countless families and individuals are struggling financially. In a truly malicious response to the situation, scammers are launching phishing attacks that claim to offer financial assistance to those in need.
The phishing email impersonates your local government and it states that you are eligible to receive financial aid. You’re directed to click a link in the email for more information. If you click the link, you are taken to a phony government website. The site asks for personally identifiable information, including your social security number. Once you’ve provided this information, the site claims that you will be contacted regarding your aid. Don’t be fooled! Anything you enter here is sent directly to the cybercriminals.
How can you tell if an email is safe? Even if you catch red flags in an email, such as typos or poor grammar, an urgent demeanor, or even a spoofed domain, how can you truly decipher the safety of an email?
An immediate step you can take is to watch out for one of the most critical tell-tale signs of a phishing email – a mismatched or fake URL.
Why is hovering important? What can it do for you?
Hovering not only allows you a moment to think before proceeding, it allows you the opportunity to see where a link is going to redirect you. This is especially important because not all links lead to where they appear, or insinuate they'll go.
When you hover, check for the following to ensure you're staying safe and secure:
This past July, Twitter fell victim to an infamous social engineering attack. The attack gave hackers control of over one hundred high-profile accounts - from politicians to celebrities. The hackers used these accounts to scam Twitter followers out of money. Now, cybercriminals are using this event as bait for a convincing phishing scam.
The phishing email uses text that is very similar to the official statement that Twitter made in response to the July attack. The email claims that due to a security breach, you must confirm your identity by clicking on a link in the email. If you click the link, you are redirected to a site that looks very similar to the real Twitter login page. The site is actually a look-alike designed to steal your login credentials. Any information that you enter on this page is delivered straight to the bad guys.
Don’t be fooled! Follow these tips:
What is MFA and Why Aren't Passwords Alone Good Enough?
If you’ve heard of Two-Factor Authentication (2FA), then you’re familiar with MFA. MFA, or MultiFactor Authentication, simply requires an individual to provide two or more credentials to authenticate their identity, thus adding an extra level of protection to user accounts.
