Wednesday, November 8, 2017

Protecting Yourself from Phishing Strategies

Criminals who “phish” use different strategies to obtain your sensitive information. Many times phishing is associated with email but it is any strategy used where the goal is to “phish” sensitive information from you.

You may not realize it, but you are a phishing target at school, at work, and at home. Ultimately, you are the most effective way to detect and stop phishing scams. When viewing email messages, texts, or social media posts, look for the following indicators to prevent stolen passwords, personal data, or private information.

Protecting Yourself
  • Keep your Browser Updated. Phishers are exploiting a flaw in the web browsers “punycode.” “Punycode” is in charge of translating foreign domain names into English. This means criminals can register a domain name that, even after close visual inspection, appears normal.
  • Misspelling web addresses. Phishers can use a look-alike domain name such as “” hoping that you misspelled “” Use bookmarks for trusted websites to avoid manually typing web addresses.
  • Be suspicious of websites not using a certificate. A website using a digital certificate indicates that they are the rightful owner of the website. Certified websites will have an image of a lock and in Chrome the word Secure in green letters directly on the address bar. However, just because a website has a digital certificate doesn't necessarily mean that it is safe but it is a good indicator.

ex. Safari Digital Certificate
Screen Shot 2017-05-02 at 9.45.41 AM.png
ex. Chrome Digital Certificate
mac secure.png

For more information on how to protect yourself from phishing strategies, visit Manhattan College’s post here. If you feel that you might have been phished click here for more information on what to do next.