One Step Ahead: Stop and Verify: Do These Two Things to Avoid Being a Victim

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy

Stop and Verify: Do These Two Things to Avoid Being a Victim

We get much of our news and information electronically now. Some of this information might appear legitimate, but in reality it isn’t. Consequences for taking action on or sharing the information might be tame, such as ridicule from your colleagues, to something way more insidious, such as fraud.

Avoid becoming a victim by doing just two simple things whenever you receive questionable information: Stop and verify!

One: STOP! Ask yourself questions. For email, what is the sender trying to make you do? Is the sender known to you, and are they making a reasonable request?

  • If a request is not from someone you know or is unusual, confirm the request via another contact method such as a phone call to the sender to confirm.
  • If you receive what appears to be an email from your bank listing a problem with your account, just stop and consider that there may be a problem (but likely not).

Two: VERIFY! Check the source of the information:

  • Don’t mindlessly click ‘Share’ on any piece of information, especially from social media: Check its source first!
  • Facebook and other social media platforms now provide information on the sites that post on their platform.
  • Leave the social media platform and check the link independently, especially noting the ‘About Us’ section if the site has this information.
  • There are websites that offer fact checking on stories, so check these out as well.
  • In the banking example above, don’t click on any links in that email. Instead, verify if there is a problem by manually entering your institution’s official web address to check your account, or calling your bank’s officially published number.

You can find out who provides your IT support by consulting this page: http://www.isc.upenn.edu/get-it-help

For additional tips, see the One Step Ahead link on the Information Security website: https://www.isc.upenn.edu/security/news-alerts#One-Step-Ahead