Best Practices: Keeping You Safe from Phishing

With an influx of hacking attempts and ever-evolving tactics, the Michigan Credit Union League has put together some up-to-date best practices for credit unions to follow regarding phishing emails.

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details (and money), often for malicious reasons, by disguising as a trustworthy source in an electronic form of communication, often contained in an email.

A phishing email usually contains a link with directions asking the recipient to click on it. Many times, these emails come from someone you are familiar with and have had contact via email with in the past. Clicking the link then sends the user to a web page that appears authentic. There, the user will find a prompt to input information like a username and password, or even additional financial or personal data.

The hacker is able to capture this information and use it to further criminal activity, like theft, overtaking the user’s email account to send out further fake emails and similar types of criminal activity. Listed below are a few was a user can help protect themselves from phishing scams.

Never Click on Hyperlinks in Email

Never click on a hyperlink included in an email. If a user really feels as though they need to check out the website the link claiming to be associated with, that user should manually type the URL into the web browser themselves to check the legitimacy.

Never Enter Sensitive Information in a Pop-Up Window

Pop-up windows represent another tool used by phishers. An important rule to prevent phishing attacks is to never enter information into a pop-up window.

If It Feels Suspicious, It Probably Is

If you are being asked for information from a person who you do not expect to ask for that information, question it. Reach out directly to that user or business. If you do not know the sender, do not supply information.