CyberSecurity Month: Tips to avoid being phished

October is Cybersecurity Awareness Month. And just today, Twitch has been breached, badly.

How does this relate to phishing, you wonder? Well, 91% of cyberattacks start with Phishing, that’s how.

Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a victim into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware.

Bad actors continually capitalize on widespread fear and uncertainty, and you are your first line of defense.

These are red flags that could indicate you are about to be phished by email:

Is there a sense of urgency? Does it try to make you do something fast?
Is this email expected?
Does it contain an attachment?
Does it talk about some “error” or “due date”?
Is the email tagged with an EXTERNAL EMAIL?
Is the FROM in the email different from the actual email address? (Just hover the name)
If it sounds too good to be true, then it is.
Think twice before clicking on a link. Hover it and check that the domain is legitimate. Bad guys usually remove or replace a letter in URLs, for example, “AMAZ0N.COM”. See what I did there?
Does the email contain an attachment?