Contact Us
Download MySudo
Sub Topic

Protect yourself from phishing

How to protect yourself from phishing

A simple guide to spotting scams and staying safe online.

Phishing is one of the most common ways criminals steal personal or financial information. They pretend to be someone you trust — like your bank, favorite store, or even your insurer — and try to trick you into clicking a bad link, sharing your password, or downloading a fake attachment.

In the first quarter of 2025 alone, there were over 1 million phishing attacks reported worldwide (APWG). That’s why it’s so important to know how to recognize and stop them.

1. Stay alert and trust your instincts

Phishing messages often sound urgent or threatening: “your account will be closed,” or “verify your information now.”

What to do:

  • Pause before you click or reply.
  • Look closely at the sender’s email address or phone number.
  • If it feels off, contact the company directly using a phone number or website you trust.

2. Protect your inbox with safer tools

Phishing usually starts with an email or text. The less your real contact details are exposed online, the fewer scams reach you.

Try this:

  • Use MySudo to create virtual email addresses and phone numbers for things like online shopping, app sign-ups, or newsletters.
  • If one address starts receiving spam or phishing attempts, you can delete it and make a new one — your real information stays safe.
  • Set your email app to filter spam and mark suspicious messages as “junk.”

3. Use strong, unique passwords — and a password manager

Weak or reused passwords make it easy for scammers to break in. Yet only about one-third of Americans use a password manager (Security.org)

What to do:

  • Create long, unique passwords for every account.
  • Use a trusted password manager like MySudo Password to remember them for you.
  • Turn on two-factor authentication (2FA) wherever possible — that’s the extra code sent to your phone or app when you sign in.

4. Keep your devices and apps up to date

Updates often include security fixes that block new phishing tricks. Set your phone, computer, and browser to update automatically.

5. Watch for fake websites

Phishing links often lead to look-alike sites that steal your login info.

Check before you click:

  • Hover over links (on desktop) or hold down on them (on mobile) to preview the real address.
  • Real company sites usually start with https:// and use the official domain name.
  • When in doubt, type the address yourself instead of clicking a link.

6. Protect your connection

When you’re on public Wi-Fi, it’s easier for criminals to snoop. Use a VPN (virtual private network) to encrypt your connection; MySudo VPN not only provides this capability, but also doesn’t require any personally identifiable information (PII) to sign up.

7. Be careful with personal or financial details

Scammers sell stolen data on dark-web marketplaces — sometimes for as little as $17 per credit card (Comparitech).

What to do:

  • Never share your Social Security number, banking details, or full credit card number through email or text.
  • Use MySudo’s virtual cards and numbers when you shop or sign up for new services.

8. Report and recover quickly

If you think you’ve been targeted or clicked a bad link:

  1. Change your passwords right away (especially for email and banking).

  1. Turn on 2FA if it isn’t already.

  1. Monitor your accounts for unusual activity.

  1. Report phishing to your email provider and to the FTC

Topic

Phishing

Sub Topics

Phishing FAQ

Phishing Glossary

Protect Yourself From Phishing

Talk to sales

Other Resources

What is Whale Pishing?

What is “Vishing” or Phone Phishing?

What is Spear Phishing?