ESET, a computer security company, shares 10 useful tips for acting quickly if you realize you have taken the bait and become the victim of a phishing email: 10 things you can do right away to minimize the damage.
Misspellings, odd grammar, urgent or threatening language and a lack of context are common signs of a phishing attack. Some phishing threats, however, are harder to spot: the attackers invest significant time and careful planning, going as far as studying the target's past communications, which ultimately makes the lure much harder to recognize. ESET, a leading proactive threat detection company, shares 10 things to do immediately afterwards to minimize the damage.
A popular tactic in large-scale fraud campaigns is to exploit current events. For example, text messages still reach many cell phones telling recipients that they are "beneficiaries of the IFE", a benefit that is no longer being paid. These messages aim to harvest victims' personal data through links to fake forms.
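The warning signs listed above (a reply address that does not match the sender, a link whose visible text names one site while it actually points to another, urgent or threatening wording) can be checked mechanically before anyone clicks. The following script is an added example written for this page, not ESET code: it parses a raw email with Python's standard library and reports those indicators. The two messages, the urgency phrase list and the `site_of()` heuristic (last two DNS labels, no public-suffix list) are constructed assumptions for the demonstration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Urgency wording of the kind the article describes; the phrase list is an
# illustrative assumption, not a vendor's detection rule.
URGENCY_PHRASES = (
    "before it's too late", "within 24 hours", "account will be suspended",
    "verify your account", "act now", "immediately",
)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def site_of(host):
    """Last two labels of a hostname. Assumption: no public-suffix list, so
    'bank.co.uk' would collapse to 'co.uk'; good enough for a demonstration."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def address_site(header):
    """Registrable domain of the first e-mail address in a header value."""
    match = re.search(r"@([A-Za-z0-9.-]+)", header or "")
    return site_of(match.group(1)) if match else None


def phishing_indicators(raw_message):
    """Return a list of (indicator, detail) tuples for an RFC 822 message."""
    msg = message_from_string(raw_message)
    findings = []

    # 1. Reply-To pointing somewhere other than the sender's domain.
    from_site = address_site(msg.get("From"))
    reply_site = address_site(msg.get("Reply-To"))
    if from_site and reply_site and from_site != reply_site:
        findings.append(("reply-to-mismatch", f"{reply_site} != {from_site}"))

    # 2. Links whose visible text names one site but whose href goes to
    #    another, and links that use plain http.
    html = ""
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            html += part.get_payload(decode=True).decode("utf-8", "replace")
    extractor = LinkExtractor()
    extractor.feed(html)
    for href, text in extractor.links:
        target = urlparse(href)
        shown = re.search(r"([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text.lower())
        if shown and target.hostname and site_of(shown.group(1)) != site_of(target.hostname):
            findings.append(("link-text-mismatch",
                             f"shows {shown.group(1)}, goes to {target.hostname}"))
        if target.scheme == "http":
            findings.append(("plain-http", href))

    # 3. Urgent or threatening language in the subject or body.
    visible = (msg.get("Subject", "") + " " + re.sub(r"<[^>]+>", " ", html)).lower()
    for phrase in URGENCY_PHRASES:
        if phrase in visible:
            findings.append(("urgency", phrase))
    return findings


# Constructed sample messages (not real mail); the domains are reserved
# ".example" names.
SAMPLE_EMAIL = """\
From: "Mi Banco" <alerts@mibanco-notificaciones.example>
Reply-To: support@mail-verify.example
To: victim@example.org
Subject: Verify your account before it's too late
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear customer, your account will be suspended within 24 hours.</p>
<p>Click <a href="http://mibanco.example.login-check.example/form">https://www.mibanco.example/login</a> to confirm.</p>
</body></html>
"""

CLEAN_EMAIL = """\
From: Shop <orders@shop.example>
To: victim@example.org
Subject: Your order has shipped
Content-Type: text/html; charset="utf-8"

<p>Track it at <a href="https://www.shop.example/track/123">shop.example/track</a>.</p>
"""

if __name__ == "__main__":
    for indicator, detail in phishing_indicators(SAMPLE_EMAIL):
        print(f"{indicator}: {detail}")
    print("clean message findings:", phishing_indicators(CLEAN_EMAIL))
```

The heuristics are deliberately simple; in practice the link check is the one that most often exposes a well-written lure, because the visible text can copy a brand's real address perfectly while the href cannot.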
“It only takes a few moments to become a victim of a scam and even IT professionals are exempt from this risk. You just received a seemingly harmless email with a link you need to click ‘before it’s too late.’ But what if, after you do it, a feeling of discomfort comes over you and you realize that it’s all a scam?” commented Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Laboratory.
ESET shares 10 tips on what to do after you take the bait:
- Do not provide additional information: Suppose you receive an email from an online store that raises some suspicion, but you click the link in it anyway, without much thought or out of curiosity. Even if it leads to a website that looks legitimate, the doubts remain. The simplest thing is to share nothing more: do not enter credentials, bank details or other data of similar sensitivity. If the scammers only wanted that data and have not compromised the device with malware, there is a good chance you have escaped with little or no harm.
- Disconnect the device from the Internet: Some phishing attacks give the attackers access to your computer, phone or other device. They can deploy malware, collect personal or device information, or take remote control. To limit the damage, act quickly: the first step is to take the device offline. On a wired PC, simply unplug the network cable. On Wi-Fi, disable the connection in the device settings or turn on airplane mode.
- Back up data: Disconnecting from the Internet stops further data from reaching the attackers' server, but what is on the device is still at risk. Files should be backed up, especially sensitive documents or files of high personal value, such as photos and videos. Backing up after a compromise carries its own risk, though: the files may already have been altered by malware, or the malware itself may be copied along with them, so keep such a backup separate from your regular backups.
This is why files should be backed up regularly and the backups protected. If malware infects the device, data can then be restored from an external hard drive, USB flash drive or cloud storage service.
- Run a scan for malware and other threats: Perform a full scan of the device with anti-malware software from a trusted vendor while the device is still offline. It is a good idea to run a second scan with a different tool, for example ESET's free online scanner. Download it on a separate, clean device to removable media such as a USB drive, plug that into the infected computer and install the scanner from there.
Do not use the device during the scan; wait for the results. If the scanner finds suspicious files, follow its instructions to remove them. If it finds nothing but you still have concerns, contact your security vendor.
- Consider a factory reset: A factory reset returns a phone or computer to its original state, removing all installed apps and files. A few types of malware can survive even this (persistence below the operating system, in firmware, is rare but possible), but in most cases wiping the device removes the threat. Note that a factory reset is irreversible and erases all locally stored data, which is one more reason to take regular backups.
- Reset passwords: Phishing emails can trick you into revealing sensitive data such as ID numbers, bank and card details, or login credentials. If you believe this has happened, especially if the phishing email asked for a specific username, as in a LinkedIn-themed scam, change those credentials immediately, and do so on every account that shares the same password, such as email, online banking and social networks.
This is why each online service should have its own unique password. Reusing credentials across accounts lets an attacker who captures one password try it everywhere else, making it easier to steal personal data or money. Where a service offers two-factor authentication, turn it on: a stolen password alone is then not enough to log in.
- Contact banks, authorities and service providers: If you entered bank or card details, or credentials for a service that holds your card on file, contact the issuing bank or payment provider immediately. They can block or freeze the card to prevent further fraud, minimizing the financial damage. Ask whether your bank or payment service has a refund policy for scam victims. To help stop others from falling for the same scam, also report it to your local authorities.
- Look for changes: Criminals who gain access to one of your devices or accounts may change your login details, recovery email address, phone number or anything else that helps them keep their foothold for longer. Review social media activity, banking records and the order history of your online purchases. If you find a payment that looks strange, unfamiliar or unauthorized, report it, change your login credentials and, where possible, request a refund.
- Look for unknown devices: If attackers steal your account credentials, they will likely log in from their own devices. Most social media platforms and email providers list active sessions in their security settings. Check that list, force a log-out of any device you do not recognize, and then change the password so the attackers cannot simply sign in again.
- Notify friends, contacts, service providers and employers: Scammers sometimes use the contact list of a compromised account to send phishing or spam links to everyone in it. Warn your contacts so they do not fall for the same scam.
If the attack involved work accounts or company-issued devices, follow your organization's reporting procedures and notify the IT department immediately. Major email services such as Outlook and Gmail also offer a way to report phishing emails directly from the inbox.