Top tips to avoid 'spear phishing'

goldfish in blue water

Do you know what to look out for to avoid spear phishing?

'Spear phishing' is a very dangerous type of phishing in which criminals target individuals or companies using very realistic 'bait' or calls to action, using publicly available information. Spear phishing could draw on information from websites, social media, annual reports, media releases, or other easily available information.

Some valuable tips from the Australian Cyber Security Centre on how to avoid spear phishing include:

  • Patch your personal and work computers regularly – the latest updates often include improved security capabilities
  • Where possible set up multi-factor authentication
  • Avoid using public wifi and usb charging hubs – these can be used as ways to gain access to your personal information
  • When setting up or changing a password, use a strong one. You can learn what types of passwords are strong by trying a few in this webpage: https://howsecureismypassword.net/
  • Be mindful of information you share about yourself socially and through work platforms, as all of this information helps hackers develop a profile on you
  • If you get an ‘urgent’ request, even from your manager, you may want to call them to confirm first. Hackers use urgency as a tool to get us to do things we normally wouldn’t
  • Prior to clicking on links – hover over them to see where they are going first. And rather than clicking on a link to a page such as a bank, open your own browser window to the bank
  • Report any IT security incidents early. It is better to report more than to let a hacking attempt go un-checked

For a telling insight into how easy it can be for someone to gain access to our personal accounts, watch this video

Tagged in SecureIT, Phishing