With the news of yet another a massive data leak of some 2.7 billion records, this time allegedly coming from National Public Data, concerns about the robustness of protective and preventative measures continue to be discussed.
A data breach happens when confidential and sensitive data gets exposed to unauthorized third parties. Globally, there have been 17.8 billion leaked accounts since 2004, and over 300 million user emails have been affected in the UK alone.
The latest issue appears to include sensitive personal data for people in the U.S., UK, and Canada. The issue, along with others of a similar nature, has been highlighted in Surfshark’s global data breach monitoring tool. The report outlines the state of data breaches in the U.K. and globally over the last 20 years, and expert tips on how to protect from phishing attacks which may increase after personal information is leaked.
Cybersecurity company Surfshark’s cybersecurity lead Aleksandr Valentij has explained to Digital Journal how businesses can boost their protection by identifying phishing scams.
This takes the form of the following advice:
Check the sender’s email address
These might be crafted to resemble legitimate organizations but actually include a typo or additional characters. If you suspect the sender may not be legitimate, reach out to the organization they claim to be from and ask if the email is legitimate.
Check the email for typos
A grammatical error or other type of mistake is a big red flag and may signal a phishing email. Legitimate organizations take time to ensure their emails are professional and free from errors.
If you’re urged to click on a link, hover over it before clicking
If you’re using Chrome, when you hover over a link, you’ll see the link address in the bottom left corner. Make sure that the link begins with “HTTPS” (not “HTTP”), and that the name of the website matches that of the organization from which the sender claims to be.
Be careful with the “unsubscribe” link/button
If you received an email for the first time from a sender you never interacted with before — the rule of not clicking on any links includes the “unsubscribe” link. Threat actors often exploit this feature to trick you into following the malicious link.
Be wary of any requests for personal information
Is the sender asking you to disclose your sensitive information like name, password, or even bank information? That’s a sure sign of a phishing email, and your data would go straight to the hacker.
“If you suspect that you’ve received a phishing email, don’t interact with it and report it to your email provider. If it’s someone pretending to be a legitimate organization, you should also report it to that organization. Once that’s done, delete the email and stay vigilant for similar emails in the future”, Valentij advises readers.