How to avoid falling prey to phishing?
Phishing attacks primarily disguise themselves as trusted organizations and people, preying on individuals’ loyalty and exploiting it. You should be cautious of email titles and phrases such as “your account has been locked,” “update your record,” “click to learn more,” “you missed a delivery,” “confirm your account,” “suspended account,” and unwarranted refunds on taxes or purchases. Emails can also be sent from seemingly reliable individuals such as your company’s CFO or CEO. When in doubt, contact the sender or company directly through the official website or the individual in person. Do not click any of these links or attachments.
Here are the 5 basic tips to follow to avoid phishing:
- Beware of links: Hover over potential links in emails to verify their legitimacy before clicking on them, as this can prevent navigation to fraudulent sites or links that may contain malware. Hovering lets you see a site’s full URL, and from here you can determine if the website is secure and the correct destination before visiting.
- Anti-phishing toolbars: Some internet browsers can be fitted with anti-phishing toolbars that run checks on sites before you visit and compare them to lists of known phishing sites. This helps prevent you from navigating to fraudulent sites and decreases the risk of downloading any malicious content. Discuss this with your company’s security team or MSP before adding.
- Verify a site’s security: URLs that begin with “https” and have a closed lock icon near the address bar, are secure websites. These sites allow sensitive information to be entered with little risk.
- Don’t send personal financial information via online: You should only communicate secure information such as usernames, passwords, or banking information via a secure website or over the phone. Don’t fill out any forms in emails unless verified as legitimate.
- Educate: Many companies offer thorough training programs to help employees and individuals learn to identify and combat phishing techniques. You can reduce employee and individual susceptibility to phishing through necessary training, examples, and procedures.
Email being the main form of business communication poses different threats to organizations and individuals. Spam mail and phishing attacks can often be damaging to an organization, these attacks can cause a breach of personal or client information or a loss of funds. The best way to avoid and protect yourself from an attack is awareness and education. Knowing the different types of attacks, and motives and identifying key features can help you and your employees avoid malicious emails. Having a program specifically designed to simulate phishing attacks and provide in-depth security campaigns, like Cybersecurity Risk Assessment, will reduce your risk of falling victim to a scam through employee education.
Paul Jackson, CEO/Cybersecurity Specialist, and the rest of his team at Jackson Technologies are offering a FREE Cyber Strategy session via webinar every week. Contact us to book your appointment!