Skip to content
Although the internet is an amazing technological innovation that helps us to stay in touch with family and friends, be more productive at work, and find seemingly endless forms of new information and entertainment, cybercrime is also an unfortunate reality of life online. One of the most pernicious—and sadly, increasing—forms of cybercrime is known as phishing.
Below, we explain what phishing is and how to guard against it. With some common sense, a careful eye, and a few simple precautions, you can avoid falling victim to phishing attacks and stay safe while using SCTelcom’s high-speed fiber internet.
Phishing and Its Targets
At its core, phishing manipulates and tricks individuals and organizations into revealing sensitive information like their usernames, passwords, financial data, and personal identification details. These attacks are typically carried out via emails, text messages, or fake websites that impersonate legitimate entities—and those clever, albeit nasty, impersonation attempts can be devastatingly effective.
Phishing attacks also attempt to lure you into a false sense of security before you momentarily let your guard down. Seemingly innocuous text or email messages disguised as communications from authentic businesses or even governmental agencies can con even the most internet-savvy among us. And unfortunately, unsuspecting senior citizens are often phishing scammers’ prime targets.
Although phishing scams have evolved in sophistication, there are still several key strategies and precautions you can take to protect yourself. Here are several tips and practices for staying safe and arming yourself against phishing attacks.
1. Be Skeptical of Unsolicited Messages
The most frequent phishing attempts are initiated through unsolicited emails and text messages. These messages often contain a sense of urgency or threaten negative consequences if you don’t act quickly. Whether it’s a problem with your bank account, a missed delivery, or a security alert from a trusted service, you’re typically prompted to respond or act (usually by clicking on a link and following its instructions) immediately.
Cybersecurity experts implore online users never to trust unsolicited communications, especially when they involve asking for personal information or money. Legitimate companies will never request sensitive details like your password, Social Security Number, or credit card information through email or text.
Thus, if you receive a suspicious message, don’t click on any links or download attachments, and avoid responding to the message in any way. Instead, go directly to the official website of the business, institution, or organization, or call their customer service number to verify the message’s legitimacy.
2. Examine the Email Address and URL Closely
By now, you may be asking yourself: “But how do I know if an email message is suspicious before I even open it?” This is an excellent question, and thankfully, you can often find clues or signs of a phishing attempt without opening the message or clicking any links.
Phishing emails often come from addresses that look suspicious (sometimes nonsensical) or slightly altered to mimic real ones (with characters or symbols that don’t really belong there). For example, an email that appears to come from your bank may have a sender address that looks remarkably like the legitimate address but is slightly off from the official one. Check the email address carefully, looking out for subtle spelling errors or extra characters like a dash or a symbol that could indicate a fake sender.
If you happen to read the message, you can still take steps to protect yourself before clicking any further. Hovering your mouse over any links in the body of the message (without clicking) will reveal the actual URL of any website you’re urged to click. Be cautious of any links that don’t exactly match the official website address.
3. Note the Message’s Greeting
Be wary of messages that don’t include your name or use generic greetings like “Dear Customer” or “Dear User.” This is a tell-tale sign that something is off. Recipients should treat the message with grave suspicion and act cautiously.
Remember that businesses you trust, like your bank, will usually address you by your proper name in their official correspondence with you. So, even noting the greeting in a message can help you glean whether the message you’ve received is a phishing attempt or not.
4. Check if the Message Contains Spelling and Grammar Mistakes
Similarly, be on the lookout for whether the message is polished or sloppy. Professional emails from legitimate companies are typically well-written, with proper grammar and spelling throughout the text.
If the email you receive contains strange formatting, misspellings, awkward phrasing, or other errors, it’s a strong indicator of a phishing attempt. Again, most scammers are casting a wide net and don’t take the time to draft a perfect letter—and that sloppiness can help save you from being phished!
5. Enable Multi-Factor Authentication (MFA)
One of the most effective ways to add an extra layer of protection against phishing is to enable multi-factor authentication (MFA) on your accounts. MFA requires more than just your password to log in—it often involves an additional step, such as a code sent to your phone or a fingerprint scan.
Even if a hacker manages to steal your password through a phishing scam, MFA provides an additional barrier that makes it much harder for them to gain access to your accounts. Most major online services, including email providers, banks, and social media platforms, offer MFA as an option—make sure to turn it on for all your critical accounts.
6. Verify Requests for Sensitive Information
Finally, if you receive a message that asks for personal or financial information, always verify the request through a secondary channel. For example, if you get an email from your bank asking you to update your account details, call the customer service number on the bank’s official website—not the one in the email or text message—to confirm the request.
Typically, legitimate companies won’t ask you to verify sensitive information over email or text. If in doubt, always contact the company directly using a verified phone number or email address.
Phishing attacks are a serious threat, but with proper vigilance, healthy skepticism, and a few smart precautions, you can significantly reduce your risk of falling victim to these scams. Stay aware and always trust your instincts—if something feels off, it probably is. And to learn more ways to keep you and your family safe online, follow SCTelcom’s social pages for additional cybersecurity recommendations.
