I want to be clear. I don’t like talking about politics on this site. It’s not because I don’t believe in causes or stand with or against people on specific issues. My problem is that whenever I talk about politics, there is inevitably someone who knows way more about a subject than I do, and I end up looking like an idiot. I do my best to stick to my corner of the universe and carry on. That being said, with what’s going on in Ukraine right now, I figured it would be a good idea for all of us to brush up on some Cybersecurity safety tips. I feel that there will be a serious uptick in Phishing, Smishing and Vishing in the next while, so knowing what to look for and how to avoid getting hacked will benefit us all.
1) Check the sender’s address – It is relatively easy to set up a free e-mail account with someone else’s name on it. Anyone you send e-mails to would not see your name but the one you set up when you do this. In this regard, you could receive an e-mail from “Bob Smith,” but the e-mail would be 123542@yahoo.com. It’s important, therefore, to make sure that the person who is e-mailing you actually matches their e-mail address. If you are a good friend or relative of Bob Smith’s and Bob’s e-mail is usually “bsmith@gmail.com” then seeing an e-mail names Bob Smith with any other e-mail address could be bogus.
2) Be suspicious of urgent issues– One of the more prevalent tactics that hackers use is to try and scare you into action without stopping and thinking about what you’re doing. “HOLY CRAP, YOU’VE BEEN LOCKED OUT OF YOUR ACCOUNT!!!! ENTER YOUR CREDENTIALS TO VERIFY THAT YOU ARE WHO YOU THINK YOU ARE!!!” is a fairly common phrase. What they are banking on is that you, as a busy person, will be too busy to acknowledge that you are handing over the credentials to your account (this could be back account, e-mail or whatever) without actually realizing it. If you truly have been locked out of an account, companies make you aware of a much more regulated way. They would never try and scare the pants off of you.
3) When in Doubt, Delete – Back in the day, you could spot a phishing e-mail a mile away. The spelling and grammar would be awful, the pretense for the e-mail would be ridiculous, or it would just give off a vibe that would seem wrong. Sadly, phishing e-mails have become much, much more sophisticated. For the average user, spotting them easily is getting harder and harder. On a professional level, if your workplace has a way of dealing with Phishing e-mails, I would highly advise that you use it as much as possible. If in your personal life you have an e-mail and no access to an IT group that would be able to analyze the e-mail for you, it’s better to delete it and carry on.
4) Call and verify – We’re all very concerned with hacking and cyber security, although we don’t necessarily think about it all the time (unless, of course, you’re like me, and that’s how you make a living). That being said, there are methods that hackers can use which are more sophisticated to impersonate someone’s e-mail address. If you get an e-mail from someone you know and the hair stands up on the back of your neck, you can always pick up the phone and call the person. I couldn’t imagine where someone genuinely e-mails you, and you call them and ask, “Hey, I just got an e-mail from you, is it you?” and the other person would get upset. I advise calling people because if the sender’s e-mail has been compromised, then e-mailing them back for verification will get a response from the hacker, which is not helpful for you.
5) Phishing is more than just e-mail – I mentioned the terms Smishing and Vishing at the top of this post. The reason is that Smishing (or SMS phishing) and Vishing (Or Voicemail phishing) are gaining more prevalence in day-to-day life. I usually get a random text advising me to click a link from a random phone number once or twice a month. None of these texts or auto dialled calls sound legitimate (which is good), but I would imagine it’s only a matter of time before they start looking better and better. It’s definitely something to keep an eye on.
The good news is that the user has to take action for any cyber security attack to work. The ball quite literally is in your court. If you are cautious and vigilant, it’s very likely that you won’t get hacked. What is happening in Ukraine right now is awful, and the fact that the Russian government, which has a long-standing history of using Cyberwarfare, started this whole thing by sending a virus to Ukraine is something to be concerned about. It’s entirely possible that if and when they fail to secure Ukraine, they will lash out at other countries, companies and individuals using all the cyber means at their disposal. It’s never been more important to stay vigilant and protect yourself against potential infiltrations and be highly suspicious of any electronic communication that wants you to click links or download attachments. Any one of those could be a virus. I stand with Ukraine, I stand with their people trying to defend their nation, and I stand with the Russian people who are just as horrified by the actions taken by the Russian government as the rest of us are. It is my greatest hope that this conflict will end soon and that the Ukrainian people will be able to fend off this unwanted aggression. For now, keep safe, stay vigilant, and keep an eye on those e-mails.
Let me know in the comments section below. If you like this blog post and want to see more, you can follow me on Social Media (LinkedIn, Twitter, Instagram, and Facebook @jasonlovefiles) or Subscribe to my blog to get new content delivered directly to your mailbox.