I may have had a near panic attack last week when I thought someone had successfully hacked into my email. Especially as I consider myself pretty aware of most forms of cyber attack. As mentioned in my July recap, I was even going to do a post on Cyber Security. I get a lot of scam emails. And no, not just those ones from people who wish to give me a million dollars. But more phishing emails which seem very credible and appear to come from trusted persons/ organisations.

how to avoid online scams

I’d just left the pub where my colleagues and I met up for drinks (and in usual fashion had a glass of white wine) when I got an email from ‘Microsoft’ notifying me that an attempt had been made to access my email from another device. they advised I log into my email to see details. No guys, this wasn’t even the wine acting, but I actually clicked on the link and put in my email address,  before a light bulb went off in my head.

Thankfully I hadn’t put in my password. But I was still so freaked out. I rang the husband immediately and asked him to sign into my account and change my password (See why you should be okay with sharing passwords?). I don’t think any damage was done because I didn’t actually enter my password. But the day my day accounts get hacked. Not just emails, but bank details. And such attacks won’t stop anytime soon, because it appears that a single bank account number could be sold on for up to $400 on the US black market. And every second, 350 billion sophisticated attempts are made to hack online information. Yep, you read right. 350 billion per second. 

We need to be extra careful. Let’s briefly talk about the different kinds of social engineering cyber attacks and then the top tips you need to know. 

Phishing

This pretty much what happened to me. It’s a type of social engineering cyber attack that relies on email messaging. It appears to be from a legitimate sender and requests you to take certain action and usually includes hyperlinks. Unfortunately once you do so, hackers obtain sensitive information for malicious purpose. 

Spear Phishing

This is slightly different from phishing as it appears to be from a familiar sender and contains specific content which seems reasonable. An example will be if my friend’s email gets hacked and the hacker sends email saying ‘Hi Kachi, I tried out this amazing drink. It’s awesome. Click here to check it out’. Think it’s from my friend I may be tempted to check it out. 

Smishing

This is used to describe text based or SMS based phishing scams. Often, the text message promises prizes by calling a number or clicking a link. These could however download malicious data into your device. 

To avoid being a victim of these scams, here are some top tips: 

1. Use a smart password

Reports suggest that it could take a sophisticated hacker less than 6 hours to hack a six-letter password. Believe it or not, the most common password is still “password”. A smart password attempts to strike a balance between being easy to remember and hard to guess. Names of the children, spouses and birthdays are often commonly used and should be avoided. Generally, a passphrase is a preferred option. It has personal meaning and could be from the lyrics of a song or a movie. Use of special characters is often advised. A passphrase like “don’t worry be happy” could be written as ‘d0ntw0rrYb3h@ppY’. The ys are capitalised, a becomes @, e becomes 3 and the O becomes zero.  Of course, be generally careful when using devices, to limit who can see your passwords!

2. Always check the sender of the email

Even if it appears to come from a legitimate sender like Microsoft, Dropbox or your financial Institution. Clicking on the senders name will reveal the true email of the sender. In addition, read the message carefully, as grammar mistakes and typos often appear in such scam emails. 

3. If the email asks you to click a link, hover across the link first to see the address and check if it looks legitimate. I’ll admit that sometimes these hackers get a bit tricky, and I’ve seen fraudulent mails appear a bit convincing like ‘admin@outlook.net’.

4. If you’re asked to click a website, avoid clicking it directly via your device. Instead, use a search engine or your browser to find the website. Also avoid replying directly to such emails, but open a new email and type a reply, if you must. 

5. If possible, scan all attachments for viruses before opening. 

6. Avoid as much as possible using unsecured connections / hot spots. These are connections which don’t request a password and are found in a lot of restaurants and airports. If you must use these, please avoid conducting any sensitive transactions on such connections. 

7. When travelling, it’s advisable to put your electronic devices in your carry on hand luggage and not in your checked baggage. 

That’s all folks. Stay safe online and I hope this is helpful. Please don’t forget to share!

Do you get such phishing / smishing messages. Had any bad experience or any tips to add. Are you one of those whose password is ‘password’? Share with us!

Love, 

Kachee… Xx

pS: Just before I posted this, someone on Twitter posted a phishing email he just received supposedly from his bank, asking him to click a link. Thankfully he checked the sender. Are you on Twitter? It’s becoming my fave social media account. Lets connect on there? Please comment leaving your handle or add me up: @KacheeTee

ppS: Can I ask for a little favour? If you like this blog even just a teeny weeny bit, could you please like my Facebook page HERE? Thank you! 


25 COMMENTS

Leave a Comment

Your email address will not be published.

25 Comments

  1. Precious

    August 16, 2016 at 14:45

    This just reminded me to keep my passwords more sophisticated. I often add numbers, symbols and weird things to my passwords then I forget them and create other ones. LOLThanks Kachee!I’m a huge Pinterest fan! You can follow me at http://www.pinterest.com/preciouscoreFacebook page has been liked. Keep rocking, girl!PreciousCore.com

    Reply
    • Kachee || KacheeTee.com

      August 16, 2016 at 17:40

      Definitely happens to me as well. I think up complex passwords and then forget what they are. Lool.Thaks a lot Precious! You’re always so supportive! Xx

      Reply
  2. Lohla's Melange

    August 16, 2016 at 18:22

    The current one now is a funny number sending you a text, telling you to callxyz number cos your ATM card has been deactivated or click the link below to reactivate. Even the language used is so juvenile, one would easily know its a scam. Nice post as always.I’m on Pinterest but not active, I just go there to get ideas for stuff mehn that place is packed. I got a lot of ideas I used for my wedding there.

    Reply
    • Kachee || KacheeTee.com

      August 16, 2016 at 21:49

      I think the JJCs still use poor language you can easily tell it’s a scam.Me too! I signed up for Pinterest to plan for the wedding, but it was so overwhelming!

      Reply
  3. Funke olotu

    August 16, 2016 at 20:09

    Man this is such an eye opener, I used to be careless with my email password like have actually given someone before *covers face* but since I started blogging it has been different but am still not careful.. this post scares me a lot and am changing most of my passwords ASAP!https://funkeolotu.com/2016

    Reply
    • Kachee || KacheeTee.com

      August 16, 2016 at 20:22

      Haha! So glad you found it useful. It’s okay to give people you trust I guess, but we should be generally careful. Xx

      Reply
  4. Chidinma

    August 17, 2016 at 00:58

    This is extremely helpful. My sis(family) almost fell scam to the SMS alert thing some years back.

    Reply
    • Kachee || KacheeTee.com

      August 17, 2016 at 16:17

      Sigh. Thank God she didn’t really!

      Reply
  5. Toluwalade Toyin-Kehinde

    August 17, 2016 at 05:21

    I got something similar just 2weeks ago from ‘my bank’ saying I didn’t do the bvn stuff so I need to enter some information. I was just like bruhh, jokes on you. I know I did my stuff… Forwarded the mail to my mum and she said its all scam lol… Days later my actual bank sends an email to beware of such mails. It actually looked so real and very believable… Sighwww.toyinwithfashion.com

    Reply
    • Kachee || KacheeTee.com

      August 17, 2016 at 16:17

      That’s always my fear. When it looks so real and believable and naive people fall!

      Reply
  6. Tunrie

    August 17, 2016 at 10:33

    Haha. It could help to have a smart password formula for your accounts.

    Reply
    • Kachee || KacheeTee.com

      August 17, 2016 at 16:16

      That’s what I do. Sort of. Definitely helps!

      Reply
  7. Uzoma | Don't Touch The Hair

    August 17, 2016 at 12:53

    These are really great tips. I keep getting all these strange emails from banks I’ve never used before. Straight to spam.Don’t Touch the Hair

    Reply
    • Kachee || KacheeTee.com

      August 17, 2016 at 16:15

      So many from banks these days. Obviously the scammers think we are more likely to believe. Phew!

      Reply
  8. XOse

    August 17, 2016 at 18:06

    Great tips!! Thanks for reminding me that I need to change my password!Love your blog! Let’s be blog buddies! Following your blog now :DxoSEhttp://www.sashaelizabeth.com/

    Reply
    • Kachee || KacheeTee.com

      August 17, 2016 at 22:41

      Hahaha @ password. You’re welcome!Thank you! Oh I think you were one of the first persons to follow me on Bloglovin. I follow you on there! 😊

      Reply
  9. favour moyse

    August 17, 2016 at 18:22

    Thanks for the post.. Really learnt a lot..FAVOURMOYSE BLOG  

    Reply
    • Kachee || KacheeTee.com

      August 17, 2016 at 22:39

      You’re welcome! Glad it was useful.

      Reply
  10. ALABATA OYELAMI

    August 23, 2016 at 12:00

    “Dear customer, due to our BVN system upgrade your ATM CARD has been de-activated, to re-activate, kindly call CBN Customer care on 0092348165928474″That was the fourth I got within three days! Which of my banks’ ATM cards, I’ll like to know?

    Reply
    • Kachee || KacheeTee.com

      August 23, 2016 at 12:05

      Can you imagine! Lol. And when did CBN start sending those messages to individual customers! 😒😒

      Reply
  11. CherishExpress

    August 24, 2016 at 23:29

    These scammers have obviously got no chill and will devise new means to catch preys. For days now, I’ve been receiving an e-mail from ‘World Bank’ telling me an ATM card was sent to Benin Republic to enable me withdraw xxxx amount of cash as a compensation for all the scams I’ve fallen prey to. (When and how did I get scammed? I dunno) I just mutter a curse for them whenever I see their message.

    Reply
    • Kachee || KacheeTee.com

      August 25, 2016 at 00:54

      Lmao @ curse. You’re a joker! Can you imagine. ‘World Bank’ indeed!

      Reply
      • CherishExpress

        August 25, 2016 at 02:12

        My dear… like how does World Bank know me? My local GTBank branch Manager does not even know I exist lol.

        Reply
  12. Mitchell Awah

    August 29, 2016 at 13:50

    Hello Kachi! Very useful info. A few weeks ago, I received an email from True Caller that someone had viewed my profile on True Caller and I should click a link to see who. The link Now required me to sign in with my email address and password. Which I did eek! Realizing now it was probably a scam to get my password. Cos I certainly did not get to see who viewed my profile. And I’m usually smarter about scam emails and texts o. Mtchew. That is how one sent me an SMS this morning with a normal looking num o that I have issues with my BVN, I should call one num (the same num that sent the text o) to rectify it or my ATM card will be blocked. Na so. When my delete button is still working. Mtchew. God help us all. I’m following you on Twitter Kachi! @MitchellXris and I’ll be sure to like your facebook page too!

    Reply
    • Kachee || KacheeTee.com

      August 29, 2016 at 13:54

      Thank you Mitchell! Glad you found this useful. They try to be smart these days, but there’s still a delete button so we stay smarter!!

      Reply

follow along on Instagram