Understanding phishing and how to prevent it

Those responsible for phishing have a range of goals including stealing information or money, sabotaging a company's systems, installing malware or sometimes luring the target to a website as part of the ruse.

Phishing scams often put pressure on recipients to act immediately, by sending a response, clicking a link, or both. Common methods of pushing recipients include stating that there has been a security breach or claiming that an urgent complaint has been received.

The cybercriminal reaches out in the hope that someone will "bite" and engage in conversation with them. When someone does, it allows the criminal to get a foot in the door and take further steps to try to fool the individual into taking additional actions. These actions are carried out with the intention of persuading the victim to divulge information (such as passwords or account numbers) or download something they should not.

Allan Lwanyaga, the SGA Group IT Manager gives some insights on how to deal with phishing:

How can individuals defend against phishing?

As an individual, you can defend against phishing by educating yourself about what it is and how it works. Knowing which warning signs to look out for could make a huge difference.

It is important to trust your instincts. If something does not feel right, stop and check. Phishing scams can be very sophisticated but sometimes all it needs to avoid falling victim is for you to step back from the situation and think twice before clicking a link or sharing a piece of information.

Remember: If something is too good to be true, or if an urgent request is unusual in that context, it is probably linked to fraud. If unsure, contact the purported sender yourself using a number or email address from their official website, which you ought to get from a search engine, not an email link.

What should you do if a phishing attack is successful?

If you believe you may have fallen victim to a phishing attack, here are some suggested steps:

1. Change any affected passwords - If possible, immediately change the password for any affected accounts. If this password was also used for other online accounts, change the passwords for those accounts to something unique and strong.
2. Contact the fraud department or the information security department of the breached account - If the phishing attack compromised your company's account at a financial institution, contact the bank immediately to report the incident. Monitor unauthorised transactions to the account.
3. Notify appropriate people in your company - follow your company's incident response plan to ensure the appropriate personnel are aware of the incident.
4. Notify affected parties - if the personal data of others (e.g., customers, suppliers) was compromised, be sure to notify them. Compromised personal data could be used for identity theft.