Who is Your Office's Weakest Link? Tips to Identify a Phishing Scam
Stop! Before you click the link in that email, read this.
We see this all the time, you get an email while at work from what you believe to be a trusted sender – UPS, FedEx, Apple, etc. Perhaps you recently purchased a song from Apple or you have a package on the way. You open the email and innocently click on the link within the email. If the link clicked is malicious, you have now infected your computer and possibly your company’s network.
Don’t be THAT employee. There are many clues that can help you decipher if the email is legitimate or if you’re a target of a malicious attack.
Here are some tips to help decipher good from bad:
- Be cautious: Only click web links within emails you are absolutely sure are authentic.
- False urgency. Many phishing emails will come up with alarming reasons to scare you into taking action immediately. Threats and urgent deadlines often are characteristics of phishing scams.
- Subject matters: Take a good look at the subject line. Does it seem unusual or out of character when you consider the sender? Were you expecting this type of email from this person. If not, it is best to ignore it – or better yet, delete the email altogether.
- Don’t get spoofed: Look closely at the “from” line of the email sender vs the domain of the link within the email. Do they match? No? This could be a potential malicious email.
- Greetings earthlings: Any organization which you have a relationship with will always address you by your name, especially if they are notifying you about your account status. If the greeting is generic, such as “Dear Customer” or “Dear Sir/Madam,” don’t open it.
- Look for mistakes: If you notice poor grammar, spelling errors or odd spacing, these are red flags. Most reputable sources will not send important notices with these types of errors.
- You want me to go where?: Before clicking on that hyperlink in the email, hover over it to see the destination URL. Does it match the rest of the email? Have you tested short URLs with a URL expander like checkshorturl.com to see where it is going? Does it look like a legitimate url? Are there random numbers or letters or a domain you have never heard of? Can’t safely decipher where that email is going no matter what you have tried? If so, delete … delete… delete.
Your company is only as secure as your weakest link. End-user education is critical to securing your business from intruders.
At IT Solutions, we provide enterprise-grade security tools, including routine, phishing training to help keep your network safe. If you would like to discuss our advanced security packages to better protect your business, or you're interested in on onsite cybersecurity awareness session for your staff, contact us today.
Did you miss our recent Cybersecurity Lunch and Learn? Download a Copy of the Presentation!