Phishing scams are an insidious and dangerous threat to every business. The danger often comes as an email that appears to be from a trusted source or website that appears harmless, asks for personal information, and then uses that information to breach a network.
Phishing attacks tend to rise during a crisis, like the pandemic. Employees are keeping an eye out for information from employers, the government and other authorities. An email that seems to come from one of these entities that promises new information or requires action could be more likely to receive an impulsive click from an unsuspecting recipient.
Protect your business by keeping your team educated on how to recognize suspicious emails and have a protocol in place for dealing with suspect emails.
Here are five signs to be aware of that you may be getting “phished.”
- The Header Doesn’t Look Right - Any communication from a legitimate company with which you do business should come from that organization’s email system, not from an unrelated email address. For example, email@example.com vs. firstname.lastname@example.org. Another red flag to watch for is an email from a known sender that does not address you by name.
- Urgent Action Required - Another common tactic is impersonating management and requesting sensitive information, quickly. For example, an entry level accountant in your company receives an email from the CFO requesting employee tax ID numbers. They'll most likely respond since it looks legitimate and the information is needed right away. Cybercriminals count on this. Make sure your security protocols include verification of a secure delivery source for sending all urgent requests.
- The URL Doesn’t Match - Phishing emails almost always include a link that you’re supposed to click. Hover over the link with your mouse to reveal its URL. If it doesn’t match up with the company that supposedly sent you the email, it could be a phishing email. As a rule, don’t click on any link you’ve received via email unless your 100% sure its legitimate.
- It’s Poorly Written - Many phishing emails often contain spelling and grammatical mistakes, and other telltale signs that they weren’t written by a legitimate marketing team. Sometimes even the biggest companies make small errors in their emails, but if you see many, obvious grammatical mistakes in an email that asks for personal information, it’s likely a phishing email.
- There’s Something Wrong with the Logo – To enhance the legitimate look of their emails, scammers will often copy the logo of a trusted logo or website. The logo they use might be fuzzy, pixelated or stretched. If it looks illegitimate it probably is.
Even if you think you have the most secure system in the world it only takes one unsuspecting employee to be tricked by a phishing email and have the data you’ve worked so hard to protect fly out the window.
Here at DSI we believe educated employees can be your best defense against a breach. Contact us today and let us help your team identify suspicious behavior and proactively prevent an attack from happening.