Don’t Take the Bait Phishing occurs when criminals try to get us to open harmful links, emails or attachments that could request our personal information or infect our devices. Phishing messages or “bait” usually come in the form of an email, text, direct message on social media or phone call. These messages are often designed to look like they come from a trusted person or organization, to get us to respond. Stay Safe with Three Simple Tips 1. Recognize Look for these common signs: * Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately * Requests to send personal and financial information * Untrusted shortened URLs * Incorrect email addresses or links, like amazan.com A common sign used to be poor grammar or misspellings although in the era of artificial intelligence (AI) some emails will now have perfect grammar and spelling, so look out for the other signs. 2. Resist If you suspect phishing, resist the temptation to click on links or attachments that seem too good to be true and may be trying to access your personal information. Instead, report the phish to protect yourself and others. Typically, you’ll find options to report near the person’s email address or username. You can also report via the “report spam” button in the toolbar or settings. 3. Delete Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link. Just delete. If a message looks suspicious, it's probably phishing. However, if you think it could be real, don't click on any link or call any number in the message. Look up another way to contact the company or person directly: * Go to the company's website and capture their contact information from the verified website. Search for the site in your web browser or type the address yourself if you’re sure you know it. * Use another way to reach the person to confirm whether they contacted you. For example, if you get a strange message from your friend on Facebook, and you have their phone number, text or call them to ask if they sent the message. Link to Avoiding Social Engineering and Phishing Attacks: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishi... Link to Using Caution with Email Attachments: https://www.cisa.gov/news-events/news/using-caution-email-attachments Secure Our World Resources & Cybersecurity Awareness Month 2024 Toolkit https://www.cisa.gov/resources-tools/resources/secure-our-world-resources-cy... James Hale, ARM-P, ARM-E Risk Control Consultant County Risk Sharing Authority 209 East State Street Columbus, OH 43215 614.246.1630 FAX 614.220.0209 “ The leader in providing Ohio Counties with exceptional value, service, and protection of assets.”