How Not to Fall for a Phishing Email

How Not to Fall for a Phishing Email

You may have heard the term phishing, but are you clear on what it is and how to identify it?

Popular with cyber criminals, phishing is the technique of attempting to get someone to reveal sensitive information through the process of disguising themselves as a reputable entity. Phishing emails typically contain links to sites that contain malware.

Related: Cybercrime by the Numbers

According to Verizon’s findings in 2016, a whopping 30% of phishing emails get opened. When you stop to think about how many emails are sent, the fact that 30% of these malicious emails get opened is impressive – and startling. Phishing continues to be an issue because the bad guys are so good at camouflaging their intentions as legitimate communication.

Phishing continues to be an issue because the bad guys are so good at camouflaging their intentions as legitimate communication.

How do I know if it’s phishing?

Sometimes the most well-intentioned employee can click on a phishing email. It happens, which is why it is important to know how to identify an attempt. Here are three tips to help.

Misspelling or wrong voice – if something just seems off about the way the email is written, or if you notice misspellings and bad grammar, this should be the first sign that something is amiss.
Intimidation tactics – it is common among these types of emails to use threatening phrases such as “your account will be closed” or “your payment is due today” in an attempt to get an emotional reaction that will result in falling for the scam.
Suspicious links – if there is a link within the email that you are not expecting, or seems strange, or is misspelled, just don’t click on it.

What do I do if I receive a phishing email?

In some cases, you can contact the person, or company that the email is said to have originated from to attempt to verify its legitimacy.

If you are suspicious of a link within an email you can hover your mouse over the link to reveal the address it will direct you to. If it doesn’t match, or is a strange mix of characters, it may be malicious. If you are in doubt at all, don’t click on it.

If you are using Microsoft, they have tools to help report suspected scam or phishing emails.

Related: Creating a Security Conscience Team

If you receive a suspicious message within Outlook.com you can click the check box next to the message, then the arrow next to Junk and then to Phishing scam.

Another option if using Microsoft Outlook is to right click on the suspicious email, then junk and finally, report junk.

If you would like more information about our services, including security awareness training, contact us here or call 937.885.7272.

Follow us on Facebook, Twitter and LinkedIn and stay up to date on Hacks, Attacks & Cybersecurity by subscribing to our email list.

Related Post

The Equifax Breach and What Went Wrong What happened?  It appears that the attack vector used to breach Equifax was from an unpatched web server.  Equifax uses the Apache Struts Open...
Can You Remember All of Your Passwords? The era of incredibly hard passwords to remember may be coming to an end. The National Institute of Standards and Technology, NIST, recently ...
Where to Begin When it Comes to Network Security Wanting to improve the security of your network is great, but where do you start? It can be overwhelming, which is why outsourcing to someone l...

Posted by Jack Gerbs