Cloning vs. Hacking: How to spot the difference when you are targeted
We need control over how our data is used.Read
Our mission is to help our partners expand throw capabilities to meet market demand so they can secure our world.Contact Us
Freedman is accustomed to working remotely, but for many working from home this is new territory.
“In the business world, you can walk around the corner and say, ‘Joe, did you send me that email?’” he said. “In the personal world, there’s not much reference material right now.”
“They’re not necessarily targeting you as an individual, it’s kind of like a shotgun approach to get as many as possible,” Billy Steeghs, a cyber security expert who works with Freedman, said.
To show how easy it is for scammers to prey on people, Steeghs created a phishing email, or an email that’s intended to look like it came from someone else in hopes that the recipient will be duped.
For his example, Steeghs made the email look like it came from Amazon, a popular place to shop online.
“So, it’s $10 and it says apply to your Amazon account,” he explained. “Who wouldn’t fall for this?”
With emails like this, scammers can get access to your account the moment you input your credentials. Then it’s up to the cyber criminals what they decide to do with your personal information.
So, how do you spot it?
“I’m hovering over this Amazon account, you see I’m hovering over it and this is an action you can do, and you can see to the left it doesn’t actually say Amazon.com,” Steeghs said.
Whenever you receive an email and there’s a link attached, hover over the link but don’t click it. While hovering, look at the bottom left of your screen. The website’s URL will pop up and if it doesn’t say the website it claims to be from, Steeghs said it’s a fake.
“That will always pop up,” he said. “You just have to hover over the link but don’t click.”
If you do click on a phishing email’s link, you’ll be taken to a website that looks just like the real one — all the way down to copyright at the bottom.
From there, it will ask you to put in your credentials. Once you click submit, you will be re-routed to the real website and the cyber criminals will have your login information.
“You should be lucky if it’s only taking your credentials,” Steeghs said. “It could also have loaded some malware on your computer that now starts spying on you.”
Yes, someone could be spying on your devices or computer.
Steeghs said one way to see if you are a victim of malware and someone has been inside your accounts is checking your browser history often and making sure you recognize all the websites listed there. If you think your device has been compromised, Steeghs recommends clearing your history and checking it again later.
“I would stop storing passwords in your browser,” he said.
So the next time you see a pop-up in your browser asking if you want to remember a password, click never.
Freedman suggests making your passwords more complex. You shouldn’t use the same password for all of your logins. You should also change your passwords frequently. And if possible, use two-factor authentication.
“Let’s turn those passwords them into 12 characters letters, numbers, uppercase, lowercase symbols,” he said.
Since it’s recommended to have different passwords for everything, it’s easy to keep everything straight. Steeghs and Freedman both recommend using the app Last Pass, which provides a free standard service.
When it comes to public Wi-Fi, Freedman recommends always staying away from it and using a hotspot instead.
If you have to use Wi-Fi, he recommends connecting a secured server and never putting in any personal information.
So best to do the online shopping at home.