Cybersecurity Awareness Month: Phishing - Ways to Protect Yourself

Having trouble viewing this email? View it as a Web page.

IDR Capital Header 2

Cybersecurity Awareness Month: Phishing - Ways to Protect Yourself

October is National Cybersecurity Awareness Month. Cybersecurity is present in every aspect of our lives, whether it be at home, work, school, or on the go. This week's message is about how you can protect yourself from phishing attempts to steal your information.

  • Limit what you share online. The less you share about yourself, the smaller the target you are for a phishing attack. Cybercriminals use information you post online to learn how to gain your trust.
  • Protect your credentials. No legitimate company or organization will ask for your username and password or other personal information via email. Your bank definitely won't. Still not sure if the email is a phish? Contact IDRSecurity@iowa.gov
  • Beware of attachments. E-mail attachments are the most common target for malicious software. When you get a message with an attachment, delete it - unless you are expecting it and are absolutely certain it is legitimate.
  • Confirm identities. Phishing messages can look official. Cybercriminals steal organization and company identities, including logos and URLs that are close to the links they're trying to imitate. There's nothing to stop them from impersonating schools, financial institutions, retailers, and a wide range of other service providers.
  • Trust your instincts. If you get a suspicious message that claims to be from an agency or service provider, use your browser to manually locate the organization online and contact them via their website, e-mail, or telephone number.
  • Check the sender. Check the sender's e-mail address. Any correspondence from an organization should come from an organizational email address. A notice from your college or university is unlikely to come from YourIThelpdesk@yahoo .com.
  • Take your time. If a message states that you must act immediately or lose access, do not comply. Phishing attempts frequently threaten a loss of service unless you do something. Cybercriminals want you to react without thinking; an urgent call to action makes you more likely to cooperate.
  • Don't click links in suspicious messages. If you don't trust the e-mail (or text message), don't trust the links in it either. Beware of links that are hidden by URL shorteners or text like "Click Here." They may link to a phishing site or a form designed to steal your username and password.

    Next week's message will focus on social networking and ways to protect yourself. 

                                                                    

     

    The statutory mission of the Iowa Department of Revenue is to serve Iowans and support state government by collecting all taxes required by law, but no more.