All it takes is one infection, on one device to impact personal and corporate networks. It doesn’t matter if you have the most secure security system in the world. It takes only one untrained employee to be fooled by a phishing email and give away the data you’ve worked so hard to protect. Make sure both you and your employees understand these specific telltale signs of a phishing attack.
What is a phishing attack?
Phishing is a type of breach where Cybercriminals use legitimate businesses and situations to email and convince their victims to give them their personal information such as social security numbers, credit cards, etc. Some phishing emails will have the victim click on a link, which introduces malware to the user’s device. The malware can then give access to the attacker, leaving them free to steal sensitive data.
How to recognize a phising email?
1. Companies don’t request your sensitive information via email: Most companies will not send you an email asking for passwords, credit card information, credit scores, or tax numbers, nor will they send you a link from which you need to login.
2. Phishing emails usually don’t call you by your name: Phishing emails typically use generic salutations such as “Dear valued member,” “Dear account holder,” or “Dear customer.” If a company you deal with required information about your account, the email would call you by name.
3. Companies use domain emails: Check the email address by hovering your mouse over the ‘from’ address. Make sure no alterations like additional numbers or letters have been made on the email address.
4. Check misspellings: Possibly the easiest way to recognize a scammy email is bad grammar. An email from a legitimate organization should be well written.
6. Unsolicited attachments: Typically, authentic companies don’t randomly send you emails with attachments, but instead direct you to download documents or files on their own website.
7. Links don’t match legitimate URLs: Double check URLs. If a hyperlink’s URL doesn’t seem correct, or doesn’t match the context of the email, don’t trust it. Ensure additional security by hovering your mouse over embedded links (without clicking!) and ensure the link begins with https://.
8. The Friend Tactic: If an unknown individual claims to know you in an email but you don’t know anybody with that name, is probably a scam. A variation on this type of scam is that one of your known friends is in a foreign country and needs your help. Your true friend’s email contact list was probably hijacked.
How to protect yourself from a phishing attack?
- Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
- Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
- Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication.
- Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.
What to do If you receive a phishing email?
- Don’t click on any links, open attachments, or expand any included pictures if you are unsure where the email came from
- Don’t try to reply to the sender, this will be a sign that your email is being used regularly and the cybercriminals can use your email to send another phishing email to someone in your company
- Report the scam to your IT Support guy or company
- Delete the email from your computer
- If you do legitimate business with a company mentioned in the phishing email, you can call the business and ask if they would like you to forward the email to them, so they may take further action.
It’s natural to want to think, “We’ve got it covered.” Yet we can practically guarantee our team will find one or more ways your business is at serious risk for hacker attacks, data loss and extended downtime.
FOR A LIMITED TIME, WE ARE OFFERING TO GIVE AWAY A FREE CYBERSECURITY AUDIT. FILL OUT THE FORM AT THE RIGHT AND FIND OUT BEFORE THE DAMAGE IS DONE