ADVERTISEMENT

On the prowl for nudes, California man steals 620,000 iCloud photos

Apple corp logo
Vilius Petkauskas
Vilius Petkauskas Deputy Editor
Aug 26, 2021 Updated: 28 September 2021 2 min read

Don’t get duped: how to spot social engineering attacks

  • Think before you act. Attackers create a sense of urgency because they want their victims to recklessly make snap decisions. You should always stop and verify. If your friend is suddenly asking you for money, call him on the phone, ask if he really sent the message.
ADVERTISEMENT
  • Check the message for legitimacy. If you received an email and something about it seems off, it probably is. Verify the domain names, they could end in .co or .con rather than .com. Typos, other spelling errors will be a clear giveaway that it’s an attempt at a phishing scam.
  • Don’t trust senders you don’t know. If you’re not expecting anything, don’t open any files you’ve received. Especially if they are marked with urgent flares.
  • If you didn’t participate but have won in the lottery, or a Nigerian prince is offering you money, then chances are you’re being scammed. Trust that if something seems too good to be true, it probably is.
  • If you’re unsure whether a website is genuine or not, look for CA certificates, especially if you’re connecting to banking sites.
  • Use 2FA authentication as a measure, should your password end up out in the open. You can periodically check your account for the latest security breaches and learn whether you’re affected. Scammers can use credential stuffing to take over your accounts, which can be used for contact spamming.

More from CyberNews:


ADVERTISEMENT