Phishing, i.e. “fishing” for passwords, sounds more harmless than it actually is. Cybercriminals use phishing as a gateway for various crimes, ranging from data theft to illegal account debits to attacks on business-critical IT infrastructures.
The risk is particularly increased when working mobile. This was revealed by a current study with 5.000 respondents from G DATA, brand eins and Statista. Around 20 percent of those who fell victim to a phishing email while working mobile had access data or personal data spied on. In comparison, in the office it was only 14,6 percent.
Cybercriminals cleverly trick their victims to get their data. It is therefore important to be particularly attentive when you are asked to take a specific action in emails. The criminals often pose as colleagues or superiors, which makes phishing emails initially appear trustworthy.
YOU SHOULD REMEMBER THE FOLLOWING RULES:
✓ Never click on links in an email that appears dubious. If in doubt, instead try to reach the page mentioned in the email body via the home page of the organization in question, without typing the provided link into the browser address bar.
✓ If you are not sure whether an email is legitimately asking for confidential data, it is best to call the organization of the alleged sender.
✓ Never share personal information such as passwords, credit card or transaction numbers via email.
✓ Never start a download link directly from an email whose authenticity you cannot rely one hundred percent on. If possible, always start a download directly from the provider's website.
✓ Never open files attached to a suspicious email.
✓ Actively log out or log out of each session of an online session instead of just closing the browser window.
✓ Never enter personal information on websites with an unencrypted connection. You can tell whether a website communicates with your browser in encrypted form by the abbreviation “https://” in the address bar and by the small padlock symbol next to the browser address bar.
✓ Always make sure that your antivirus software is up to date and the firewall is active.
✓ Always pay particular attention to the writing style and manner of communication in emails.
✓ Be suspicious of emails from unknown senders. If you are asked to take a specific action, such as installing a program or releasing information, always pay attention to your internal communication processes - especially when working remotely.
Source: Federal Office for Information Security, 2021
