Want to avoid identity theft, prevent your bank account being raided, and more? Here’s how!
The simplest way to avoid falling prey to any phishing attack is to always be very suspicious of emails asking you to “confirm your details” or enter a password on any website, anywhere.
First, some general tips before we get onto software that helps:
- Never click any links provided in emails unless you are very confident of the source and content of the email.
- Always check the URL of a link that’s shown in an email - “hover” the mouse over the link without clicking it.
- Remember that malware is getting better at faking not just the From address of emails, but the name of the person sending it too (by grabbing real contact details from a victim’s PC). Sometimes it will look like an email from a friend or colleague, but something will be a little “off” in the message. If in doubt, contact the sender to confirm.
PC software tips to help combat phishing
- Use the free anti-phishing features in your web browser - Internet Explorer 7 and Firefox 3 include this, so make sure it’s turned on. There are free anti-phishing tools as well.
- Be sure that Active Scripting is turned off in Outlook 98 or earlier (it’s the default in later versions). This makes it easier to fake the URL in a phishing email, and there’s absolutely no reason why this should be enabled. See Tools, Options, Security, and put Outlook in the Restricted Zone.
- Check the good advice from Antiphishing.org on how to avoid this and other phishing scams.
General security tips
- Make sure you have good anti-virus and anti-spyware tools installed, and that the anti-virus being updated daily. But even the best tools will miss 30 to 50% of viruses and spyware, so that’s not enough on its own.
- Make sure that you have enabled Microsoft Update, and let it run automatically to apply all the latest Office and Windows security updates.
- Install and use Secunia Personal Software Inspector - this free tool scans all your software (not just Office and Windows) and lets you know which programs need updating to close security holes. This is really important to close some very commonly exploited security issues. (Secunia estimate the average PC has 12 applications with security vulnerabilities.)
While these last few tips won’t help with phishing attacks, they will help with some Outlook security issues where even viewing an email can let hackers into your PC.
I haven’t mentioned firewalls, largely because the Windows built-in firewall is not too bad, and most add-on firewalls generate so many alert messages with questions that only experts can really know how to answer. Something to write about in the future maybe…
What are your tips to prevent phishing? Do you know someone who’s been a victim of phishing, and what lessons did they learn? Feel free to let me know your thoughts below.
Comments on this entry are closed.