Since the beginning of the pandemic, businesses have had to adapt and become more reliant on a remote landscape. As a result, a lot of business and communication is handled over email. However, with businesses moving to a more remote setup, there is also a shift in cyber security threat vectors. One of the more popular vectors that has increased is the phishing scam. These phishing scams have not only increased, but they have also become more convincing as well as harder to detect at a glance.
With phishing email scams becoming more frequent in today’s cyber environment, it is more important than ever to be vigilant. Unlike some other cyber security threats, there are things that you can do to prevent yourself from becoming a victim. By utilizing some of the following tips and tricks, you can reduce the risk of not only yourself but also your organization becoming a victim of cyber phishing scams.
Phishing email scams are one of the most common scams used in today’s landscape. However, they are detectable if you know how to identify them. One particular way to detect them is by going right to the source. If you receive an email that looks to be legit but you just want to be sure, you can check the email address of the sender. By looking at the email address to see what the domain of the sender is, you can easily determine if it is a legit email or if it is someone trying to pretend to be someone else. The giveaway is in the “@domainName.com” portion of the email address. Scammers will try and make the email address as authentic as possible so you should always double-check and verify the email address to make sure the sender is authentic.
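The sender-domain check described above can also be automated. The following is an added example, not part of the original article: it classifies a From header against a list of domains you expect mail from and flags near-miss spellings. The trusted domain list, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: the domains you really expect mail from (constructed for this example).
TRUSTED_DOMAINS = {"example-bank.com", "example.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; small values reveal near-miss spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header: str) -> str:
    """Return 'trusted', 'lookalike', 'unknown' or 'malformed' for a From header."""
    _display, addr = parseaddr(from_header)
    if addr.count("@") != 1:
        return "malformed"
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")
    if not domain:
        return "malformed"
    # Exact match, or a genuine subdomain of a trusted domain.
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return "trusted"
    # Assumption: trusted domains are plain ASCII, so non-ASCII or punycode
    # labels in an untrusted domain are treated as homoglyph attempts.
    if not domain.isascii() or any(p.startswith("xn--") for p in domain.split(".")):
        return "lookalike"
    for t in TRUSTED_DOMAINS:
        # Trusted name embedded in a different domain, or one or two characters off.
        if t in domain or edit_distance(domain, t) <= 2:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers, not taken from real mail.
    for header in [
        "Example Bank <alerts@example-bank.com>",
        "Example Bank <alerts@examp1e-bank.com>",
        "Example Bank <alerts@example-bank.com.account-verify.test>",
    ]:
        print(check_sender(header), "<-", header)
```

A result of "unknown" only means the domain is not on your list; it still needs the manual checks described in the rest of this article.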
A second preventative measure against becoming a victim of phishing emails is to look at the way the email is written. “Legitimate companies have trained staff and whenever they send out large or small messages/emails to staff, they require double checking and then only they send emails to their staff.” The spelling and grammar in an email are a good indicator of whether the email is legit or a fake. Sometimes the emails are very convincing, but little things like a comma where a period would normally be or the way currency is typed (i.e. 3,00 instead of $3.00) are another clear indicator that the email is probably not authentic.
The third preventative measure should be an obvious giveaway. If you receive an email requesting that you send sensitive Personally Identifiable Information (PII), be suspicious, because sending PII across email is a very unsafe practice. “If your bank emails you to send your account number through email or asking for your username and password through email, it is recommended not to send it.” You should also look for other not-so-obvious signs that would signify that the email isn’t authentic, such as random graphics or greetings that say “Dear Customer” instead of your name. “Hackers often rush to get phishing sites up, so some of them will look significantly different from the original company.”
If you do receive a phishing email, there are a few things that you should do immediately. First, do not open it, and delete it, “since most viruses activate when you open an attachment or click a link within an email.” Sometimes, the email has a virus embedded in it and just opening the email will activate the virus without you even knowing. You should then notify your IT department and manager immediately that you have received a phishing email but DO NOT forward them the actual email. This will prevent the possible spread of the virus to other computers and users. Your organization’s IT department will then take the necessary precautions and steps to limit the threat and make a note to prevent it from getting through your security in the future. If you follow these tips and strategies, you will help prevent the spread of scams and viruses across your organization.
Written by: Robert Johnson, EMCO Technology, Inc.