April 1 is a great day for pranks. But for cybercriminals, April 1 is a great day to prey.
On April Fool’s Day, cybercriminals will work to take advantage of people when they feel more comfortable with fake news and announcements online. When these computer users lower their guard and become less skeptical about what is and is not real, they become much more vulnerable to online scams.
PriorityOne Group advises everyone to keep your guard up this April 1st. Here are five things to watch out for.
1. Phishing emails. Phishing is the use of fraudulent messages that appear to come from a legitimate source, such as retailers, Internet service providers, credit card providers and banks. These messages usually direct the recipient to a fake website or use other means to get a user to share private information, such as account, credit card and personal details. This information is then used to commit identity theft, make fraudulent purchases or pursue other crimes.
To help identify phishing emails, pay attention to the sender email address. Do you know the sender? Examine the subject line and the body of the email for spelling mistakes, typos and obvious grammatical and spelling errors. If an email includes an attachment, ask yourself: Does this sender typically send attachments?
Other possible warning signs include the email being overly formal or too informal for the context. If the email asks you for personal information or to click hyperlinks, be cautious.
If you believe an email you receive is fake, immediately inform your IT staff so they can review the letter and, if necessary, update your spam solution. Then delete the email. If you are unsure about whether an email is fake, consider calling the supposed sender to verify legitimacy. Make sure to manually look up the sender's phone number; do not use any contact information provided in the email as it may be fake as well.
2. Fake websites. While phishing emails may try to direct you to fake websites, there are a number of other ways cybercriminals attempt to get users to visit dangerous web pages. Always be wary of clicking hyperlinks, even if they appear to come from a friend on social media. Popular features on networks like Facebook and Twitter, such as April Fool's Day jokes and videos, can lead curious victims to click on unsafe links intended to steal personal information or infect computers with viruses and malware.
If you visit a website that appears to be fake, inform your IT staff immediately and run a scan with your anti-virus/anti-malware software.
3. Unfamiliar apps. Installing apps or browser extensions that you have never heard of on your smartphone or tablet can leave your data more susceptible to theft. Before installing apps or extensions, review the permissions. If the app requests access to personal information that does not seem necessary for its operation, look into the legitimacy of the app before proceeding with approving the permissions and installing the solution.
4. Emails from unknown senders. Phishers and spammers are constantly working to grow their list of legitimate email addresses to target. They will often send millions of messages to random email addresses in hopes of finding real users and verifying the validity of email addresses.
Think twice about responding to a message from a sender you do not know. If the email is from a phisher or scammer, doing so will likely get your email address added to their database. Then you will likely experience an increase in these types of messages — some possibly more sophisticated — in the future.
5. "Amazing" offers. Be wary of any online offer you encounter that would seem too good to be true. It probably is. Whether it's for a free iPhone or cruise, the next big stock pick or a contest you won (but don't recall entering), these may all be ploys by scammers. They're hoping to get your attention and then convince you to open or forward an email, click or share a link, download a file or program, share personal information or make a purchase.
Before doing any of these, stop and review any fine print included in the email closely (if there is no fine print, consider this a potential red flag), then get a second opinion from your IT staff. If the offer is real, you should be able to take the time necessary to verify legitimacy without losing out on the opportunity.
While this is all sound advice for April 1, follow the guidance provided here every day to better protect yourself. It is better to be safe than end up looking like a fool.