As cyber-attacks step up, organizations are constantly training employees to recognize phishing attacks. This is an ongoing battle that must be handled proactively in order to protect your business.
What is a phishing email?
Phishing is an e-mail fraud method in which cyber criminals sends out legitimate-looking email in an attempt to gather information. The messages typically appear to come from well-known and trustworthy Web sites. Some messages can be seen as obvious frauds however others can be a bit more convincing.
How do I protect myself from a phishing email?
This is not simple as no single technique works in every situation but here are some things to look at to protect your business from a phishing email.
- Mismatched URL
Always check suspicious email messages for embedded URLs. Many phishing email will appear to be valid however, if you hover your mouse over top of the URL, you will see the actual hyperlinked address. If the hyperlinked address is different from the address that is displayed, then the message is probably fraudulent or malicious.
- Misleading domain name
Cyber criminals that launch phishing scams depend on victims not knowing how the DNS naming structure for domains works. For example, the domain name http://offers.365itsolutions.com would be a child domain of https://365itsolutions.com/ because https://365itsolutions.com/ appears at the end of the full domain name on the right hand side. However if the domain is “https://365itsolutions.com.maliciousdomain.com”, then that would clearly not have originated from https://365itsolutions.com/.
- Poor spelling and grammar
Professional businesses do not send out messages to employees or clients that are not reviewed for spelling, grammar and legality. If a message is filled with poor grammar or spelling mistakes, it did not come from a major corporation’s legal department.
- Personal information
If a message asks for personal information, it is a bad sign and usually part of a scam. Your bank will never request your account number or other personal information online via email. No reputable company will ever send an email asking for your password, credit card number or the answer to a security question.
- Special offers
“Congrats, you have won an iPad!” or “Congratulations, you have won $500!” are some subject line you make you concerned over how legit the sender is. Good news is if you are junk mail filter, most of these types of emails get caught however your still need to be aware of these threats.
- Send money
This is an old one however still a valid threat. Any email asking for money to cover expenses that so you may access an inheritance is a phishing artist will likely ask for money to cover expenses, taxes, fees, or something like that. If that happens, then you can bet that it’s a scam.
- Government agency
Phishing artists will use any avenue available to access your information. Sometimes phishing artists will send messages claiming to have come from a law enforcement agency or Canada Revenue Agency just to scare someone into handing over information.