UW–⁠Madison Information Technology
Connecting & supporting our digital campus
Phishing scam

What not to share online

Posted by DoIT News on January 28, 2021

This article was published on January 28, 2021 and has not been updated since. It remains published for archival purposes, but its subject matter may be out of date.

Criminals are continually evolving to find your digital Achilles’ heel, so be sure you’re up to speed on the latest practices to prevent hacking into your data.

There are a number of proactive measures you can take to protect yourself. Use strong, unique passwords for every website and online account, install the latest updates on your web browsers and operating system, and consider placing fraud alerts or security freezes on credit accounts, are just a few. One of the best practices is to be judicious about what you share—and don’t share—online.

Criminals may take the time to stalk and find out as much information about you, so whatever you share online via social media, email, or other digital channels is ripe for their taking. Spear-phishers, sources who pose as familiar individuals within a personal network after doing their research on a potential cyber victim’s online behavior, use email or text messages to attack with malicious attachments or links within a body of a message or attachment. (Phishers also pose as trusted sources, but those are usually large businesses, not personal connections). Given this infiltration tactic, don’t click on links in an email, email attachment or text message that don’t match the URL description when you hover on those links. Learn other ways to identify potential phishing scams.

So how else can you protect yourself from online scammers?

  • Install an antivirus solution and keep it up to date.
  • Use unique and strong passwords.
  • Maintain a dedicated firewall.
  • Regularly clear cookies on your browser.
  • Use multi-factor authentication on your online accounts.
  • Don’t open email attachments or click on links from unfamiliar sources.
  • Use WiscVPN when using public Wi-Fi.
  • Log out of applications completely, especially on public computers, and disconnect from the Internet when not in use.
  • Verify an email or text that seems suspect; give that person or company a call directly and confirm that the communication was from them.

Finally, don’t disclose or confirm identifying information (e.g., SSN, birth date, place of birth, passwords, account numbers) when solicited by any third-party that is not in a secure online format. Also, keep in mind hackers use other forms of communication—like phone calls posing as customer service or government entities—to get private data from you. Find helpful guides on many IT security-related topics.