7 Ways to Prevent Phishing Attacks in 2021

Keepnet Labs
3 min readJun 8, 2021

--

As more criminals turn to online scams to steal your personal information, phishing prevention has become very important. Phishing emails can appear deceptively reliable. Some are even personalized specifically for you. Since you will likely end up with a phishing attack, you need to know the red flags. Because scam is nothing new on the web, but phishing is harder to detect than you might think.

Here are 7 key steps to prevent phishing attacks in 2021…

1- Learn to Identify Suspected Phishing Emails

New phishing attack methods are constantly being developed, but they share common points that can be identified if you know what to look for. The sooner you learn the latest attack methods and share them with your users through security awareness training, the more likely you are to avoid a potential cyberattack.

2- Rotate Passwords Regularly

If you have online accounts, you should make it a habit to change your passwords regularly to prevent an attacker from gaining unrestricted access. Your accounts may have been compromised while you are unaware, so adding an extra layer of protection with password rotation can prevent ongoing attacks and lock down potential attackers.

3- Don’t Click Any Link

Even if you know the sender, clicking a link in an email or instant message is generally not recommended. The least you need to do is hover over the link to see if the goal is correct. Some phishing attacks are quite sophisticated, and the target URL may look like a carbon copy of the actual site, set to record keystrokes or steal login/credit card information. If you can go directly to the site via your search engine instead of clicking the link, you should do so.

4- Don’t Give Your Private Information to an Unsecured Site

If the URL of the website does not start with “https” or you do not see a closed lock icon next to the URL, do not enter sensitive information or download files from that site. Phishing scams may not be intended on sites without a security certificate, but it’s better to be safe than sorry.

5- Don’t Ignore Updates

Receiving lots of update messages can be frustrating, and you may tend to delay or ignore them. Do not do this. Security patches and updates are often released for a reason to keep up with modern cyberattack methods by patching vulnerabilities in security. If you don’t update your system, you could run the risk of phishing attacks through known vulnerabilities that can be easily avoided.

6- Don’t Be Persuaded by Pop-Ups

Pop-ups are often linked to malware as part of attempting phishing attacks. Most browsers now allow you to install free ad-blocking software that will automatically block most malicious pop-ups. If someone manages to get rid of the ad blocker, don’t try to click! Occasional pop-ups try to deceive you where the “Close” button is, so always try to have an “x” in one of the corners.

7- Test and Train Your Employees!

With Keepnet Labs’s Phishing Simulator, you can proactively test your employees’ vulnerabilities by sending harmless phishing attacks to your team and tracking their actions.

However, measuring your organization’s vulnerability to phishing attacks and cyber threats usually means nothing unless you have a current process to make improvements through education. Keepnet Labs Awareness Educator ensures that users caught by Keepnet Labs’s Phishing Simulator are more aware of threats and better equipped to detect complex phishing emails in the future.

Author: Hector
Cyber Security Researcher

--

--

Keepnet Labs
Keepnet Labs

Written by Keepnet Labs

Keepnet is an anti phishing solution and cybersecurity awareness training platform