The “golden” rule when it comes to dealing with phishing is to NEVER give away any information to the attacker, even if you’re still not sure if it’s legitimate or not.
Sensitive Information Includes…
🐟 Personal information:
- Social security numbers
- Addresses
- Phone numbers & other emails
- Date of birth.
🐟 Financial information:
- Debit card information
- Credit card information
- Bank account information
🐟 Account credentials:
- Username and passwords
- Security question answers
- Sending out your Duo code
Attacker Tactics
Reputable organizations will almost never request sensitive information over email, especially if the request is unprofessional, unprompted, and urgent.
Attackers often create a sense of urgency, tricking you into acting fast to claim a reward or avoid a bad situation. Before you click the link, pause and scrutinize the email.
If you do get to the point of inputting your information, check to make sure the URL of the website is credible and matches the organization requesting information from you.
🎣Don’t take the bait! Keep your information and organization cyber safe.