Phishing: How to avoid it

  • Published
  • By Airman 1st Class Cory Gossett
  • 56th Fighter Wing Public Affairs
LUKE AIR FORCE BASE, Ariz. --  Nearly everyone connects to the Internet, be it Facebook, shopping online or emailing at work. Being connected to the Internet has made life significantly easier, and while the World Wide Web is generally safe, it's important to be aware that criminals are online looking to exploit individuals through any means necessary. One method criminals use to steal a person's information is through a scheme called phishing.

"Phishing is a technique used by scammers to acquire information such as usernames, passwords and credit card details," said Airman 1st Class Nicholas Burnett, 56th Communications Squadron information assurance technician journeyman. "They do this by attempting to masquerade as trustworthy sources."

Different types of phishing include, whaling, spear phishing and clone phishing. Spear phishing is the most successful and the most common type of phishing. It involves criminals targeting specific individuals or companies. Whaling is when criminals target senior executives or high profile targets within a business or organization. Clone phishing is where a hacker takes a previously delivered email containing attachments or links and creates a nearly identical email. The email looks authentic but it has been altered so that a hacker may obtain private information.

While there are multiple ways a criminal can obtain personal information from users, there are also many ways users can prevent it.

"Pay attention to the details of a message," said Senior Airman Kevin Scheel, 56th Communication Squadron information assurance technician journeyman. "Make sure to verify the display name of someone emailing you. It might look familiar but remember to check the actual address to be sure it's one you recognize."

Make sure to verify it's a secure website before clicking on any website link. Websites that handle sensitive information will use encryption, indicated by the site beginning with 'https.' A lock icon will also appear in the browser's uniform resource locator.

It's important that users remain vigilant against phishing attempts at work and at home.

"If you receive an email at work that you can confirm is a phishing attempt, contact your information assurance officer," Scheel said. "They will send it to Wing Information Assurance to verify. While at home, you should delete generic spam emails you receive. If you receive emails directed to you as a military member, trying to gather information about you, report it to your IAO, so they can notify WIA."

The Information Assurance Office is running pop-ups on base computers containing additional online safety tips throughout the month. Tips include social networking safety, how to prevent credit card information from being stolen, and Wi-Fi dos and don'ts.

For more information and additional tips, visit the wing information assurance office SharePoint site at http://go.usa.gov/dqW3 or call 623-856-3560.