Develop a Strong Defense
When fighting social engineering scams, the best advice is to assess potential risks and react appropriately. Here are three key things to look out for (this March and all year long):
- Phishing scams – Beware of unsolicited emails that prompt you to act without thinking. Scammers will use a variety of tactics to make this happen: the promise of a great prize; notice of an account error, payment problem, or unauthorized access; or another hook that plays on your emotions and makes you feel immediately compelled to click a link, submit your data, or download a file. If you’re at all unsure of the source of an email, the safest thing to do is avoid it.
- Imposter websites – It’s highly likely there are sites out there masquerading as legitimate sources for bracket contests, tournament information, and NCAA goods. Just because a website looks safe on the surface, doesn’t mean it is safe. Logos and designs can be easily mimicked. If you aren’t familiar with a site, avoid sharing personal details, entering credit card data, or downloading files. It’s always safest to stick with a known, trusted entity.
- Malicious links, ads, and apps – How many clicks do you think a fake story about a #16 seed beating a #1 seed would get? How about an ad promising a $1,000,000 payout for a perfect bracket? And how many mobile users might download an app that promises to give insider tips and up-to-the-minute game tracking? Hackers and social engineers plant these sorts of stories, ads, and applications online and within social media in order to trick unsuspecting users into downloading malware or ransomware, turning over financial data, or granting access to their mobile devices. Don’t fall into these traps.
To harness a basketball playbook, think about adopting a “pick and roll” mentality. Make it a habit to stop and think before you act in haste, and don’t be afraid to move away from an email, website, social media post, or application that doesn’t pass the smell test.
Subscribe to the Proofpoint Blog