CYBERSECURITY: How to Identify Phishing?

With the number of spam emails sent daily expected to increase to almost 190 billion daily, it’s increasingly important to spot the tell-tale signs of a fraudulent email. When you spot fraudulent emails you can protect your personal and business data and your technology from malicious viruses and malware.

 

  1. CONFIRMING PERSONAL INFORMATION

Often you will receive emails disguised to look authentic. They might mimic the style of your current company or an outside business such as a bank or credit card company. These emails may have requests for personal information that you would not usually provide, such as banking information or login credentials. It is important you do not click on or respond to these emails, before determining the legitimacy of the email. When in doubt check it out by contacting an organization directly using a contact number you have, do not use the contact information on the email.

  1. FRAUDULENT EMAIL AND WEB ADDRESSES

Phishing emails often come from an address that appears to be legitimate, but at a closer glance, you can notice some discrepancies. These emails may contain the names of genuine companies and might be made to replicate the company’s personal sites or email accounts. Brand logos and trademarks do not guarantee that an email is real. Hackers can use these images or download them from the internet to mimic an existing company. Even antivirus badges can be inserted into emails to persuade victims into thinking an email is from a legitimate source.

  1. GRAMMAR

Phishing emails can sometimes contain poor language in the body of the message. Grammatical errors and conflictive sentence structure are common in these fraudulent emails. A legitimate company would have constructed an outbound communication professionally and checked for spelling errors and other mistakes. While poor grammar is a giveaway, not 100% of phishing emails will have sloppy grammar, so it is important to keep on your toes.

  1. SCENARIOS

Many phishing emails tempt to instill a sense of worry into the recipient. The emails may give a scenario that depends on you entering your credentials to solve it. For example, an email may state that your account will be closed if you don’t enter your personal Information and act now. If ever unsure of what an email is asking of you and why, be sure to contact the company directly by using a contact number you have, not one they provide.

  1. ATTACHMENTS

If you receive an email from a seemingly random company you do not affiliate with, and the email references something unexpected, the attachment might include some malicious malware or virus. These attachments may contain a URL or trojan horse designed to compromise your system if opened. Send these emails to your security team instead of attempting to open them yourself.

 

How to avoid falling prey to phishing?

Phishing attacks primarily disguise themselves as trusted organizations or people, preying on individuals’ loyalty and exploiting it. You should be wary of email titles and phrases such as “your account has been locked,” “update your record,” “click to learn more,” “you missed a delivery,” “confirm your account,” “suspended account,” and "unwarranted refunds on taxes or purchases". Emails can also be sent from seemingly reliable individuals such as your company’s CFO or CEO. When in doubt, contact the sender or company directly through the official website or the individual in person. Do not click any of these links or attachments.

 

Conclusion:

Email being the main form of business communication poses different threats to organizations and individuals. Spam mail and phishing attacks can often be detrimental to an organization, these attacks can cause a breach of personal or clientele information, or a loss of funds. The best way to avoid and protect yourself from an attack is awareness and education. Knowing the different types of attacks, motives and identifying key features can help yourself and employees avoid malicious emails. Having a program specifically designed to simulate phishing attacks and provide in-depth security campaigns like Cybersecurity Risk Assessment will reduce your risk of falling victim to a scam through employee education.

Paul Jackson, CEO/Cybersecurity is providing a complimentary Cybersecurity Briefing every week to provide accurate and best solution to various cyber threats.

Sign up and book your slot now >>> https://jacksoncybersecurity.com

Registration is FREE!