Last updated: April 13, 2016
How to protect yourself from cyber attacks
Below are some preventative actions you may take to protect yourself from cyber attacks that are intended to help you proactively look for emails attempting to deceive you into “clicking the link” or into opening attachments to web sites that may seem real, but are not. This method of trying to acquire your personal, sensitive information through nefarious deception is called phishing.
- Never click on links in emails. Even if you do believe the email is from a legitimate source, no matter whether it is from a third party retailer or primary retailer, visit the site directly in your web browser instead of clicking the link in the email, or call the retailer on the telephone.
- Never open the attachments. Most retailers will never send emails with attachments. If there is any doubt, contact the retailer directly before opening the attachment, and ask them whether the email with the attachment was actually sent from them.
- Never give out personal information over the phone or in an email if you are proactively contacted. Instead, call or email them back from a number or email address from their web site that you know is trustworthy. A reputable entity will understand your desire to take this action, and may actually encourage it.
Some other practical tips to protect yourself from cyber attacks:
- Set secure, strong passwords and don’t share them. Use a password generator online to help you generate a good one.
- Keep your operating system, browser, plugins, and anti-virus software up to date. These are usually available for free, and you can configure them to update automatically so you always have the latest versions.
- Verify the authenticity of requests from companies or individuals by contacting them directly. Don’t just assume they are who they say they are. Never give out any personal information when contacted proactively.
- Pay very close attention to the domain names in web addresses. Spoof websites with malicious content can sometimes use a variation in common spelling or a different domain to deceive unsuspecting computer users.
- For email, never automatically download attachments.
- Never click on links or respond to unknown requests sent through email or text message.
If you ever have any doubt about the source of contact, no matter whether its telephone, email or text message, you are probably right. Take just a moment to contact the party directly using a telephone number you know for certain is trustworthy, or an email address you know for certain is trustworthy.
For more information about keeping safe online, please visit the DHS’s Stop. Think. Connect Campaign web site.