Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt, or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links, and delete suspicious messages immediately.

Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond […]

Visiting a website for the first time, perhaps via an email link? Look for the tell-tale signs of phishing. These include misspellings and grammatical mistakes on the page, aggressive advertising and especially unusual and complex URLs. If you see some or all of them, leave the page immediately.

Phishers often steer would-be victims toward domains they falsely claim are legitimate sites, such as a bank’s web app or an identity verification landing page, insisting you act quickly. You can actually preempt this line of attack by keeping all your most important sites saved as bookmarks in your web browsers. These bookmarks can provide […]