Signs of a Phishing Scam
Phishing scams – emails meant to obtain personal information – are a primary means of attack for hackers. These seemingly innocent emails can compromise your entire network, so training your employees on how to spot them is essential.
Suspicious Email Addresses
Phishing emails typically appear to come from a known or trusted source like an outside business, such as FedEx or a bank, or from an internal person such as the CEO of your company. Because the names are trusted, employees are more likely to open and respond to the email. However, often there are tell-tale signs that these emails are not legitimate, such as:
- The email address doesn’t match the sender’s name.
- The email domain looks similar, but not identical, to a known domain (such as fed-ex.com instead of the real fedex.com).
- The email does not use your name in the opening.
Any of these signs should make the user proceed with caution and contact their IT security team.
Phishing scams rely on human error, and an urgent message can cause the user to be less careful and thoughtful about their actions. For example, an urgent request from upper management may send an employee into frenzy, without them realizing it was a phishing email.
You should establish a protocol to verify such emails. Following up via phone, for example, can help eliminate mistakes that could cost millions.
Phishing emails typically include embedded links, which should always be approached with caution as they can lead to malicious websites that will compromise your network security. Before clicking on any link, employees should be trained to hover over it to see where it is taking them. Often, it is not where they think! Whenever possible, employees should not click on the links at all, but rather navigate to the website by typing the URL or using a previously bookmarked link.
With phishing scams being so common, it’s important to take defensive actions. No matter how secure your network may be, an innocent click on a malicious link can compromise your data. By training your employees to recognize the signs of a phishing email, you can help protect your entire company. If you’re interested in learning more about protecting your business from cyberthreats, contact us today.