PHISH-BE GONE? How to Spot and Defend Yourself Against Phishing Emails

Since the beginning of the pandemic, businesses have had to adapt and become more reliant on a remote landscape. By doing so, a lot of business and communication are handled over email. However, with businesses moving to a more remote setup, there is also a shift in cyber security threat vectors. One of the more popular ones that have increased is phishing scams. These phishing scams have not only increased, but they have also become more convincing as well as harder to detect at a glance.

With phishing email scams becoming more frequent in today’s cyber environment, it is more important now to be more vigilant. Unlike some other cyber security threats, there are things that you can do to prevent yourself from becoming a victim. By utilizing some of

the following tips and tricks, you can reduce not only yourself but also your organization from becoming a victim of cyber phishing scams.

Phishing email scams are one of the most common scams used in today’s landscape. However, they are detectable if you know how to identify them. One particular way to detect them is by going right to the source. If you receive an email that looks to be legit but you just want to be sure, you can check the email address of the sender. By looking at the email address to see what the domain of the sender is, you can easily determine if it is a legit email or if it is someone trying to pretend to be someone else. The giveaway is in the “@domainName.com” portion of the email address. Scammers will try and make the email address as authentic as possible so you should always double-check and verify the email address to make sure the sender is authentic.

A second preventative measure for preventing becoming a victim of phishing emails is to look at the way the email is written. “Legitimate companies have trained staff and whenever they send out large or small messages/emails to staff, they require double checking and then only they send emails to their staff.” The spelling and grammar in an email is a good indicator if the email is legit or if it is a fake. Sometimes the emails are very convincing but little things like a comma where a period would normally be or the way currency are typed (i.e. 3,00 instead of $3.00) is another clear indicator that the email is probably not authentic.

The third preventative measure should be an obvious giveaway. If you receive an email that is requesting you to send sensitive Personally Identifiable Information (PII) across email is a very unsafe practice. “If your bank emails you to send your account number through email or asking for your username and password through email, it is recommended to not to send it.” You should also look for other not-so-obvious signs that would signify that the email isn’t authentic. Things like random graphics or greetings that say “Dear Customer” instead of your name. “Hackers often rush to get phishing sites up, so some of them will look significantly different from the original company.”

If you do receive a phishing email, there are a few things that you should do immediately. You should first not open it and delete it “since most viruses activate when you open an attachment or click a link within an email.” Sometimes, the email has a virus embedded in it and just opening the email will activate the virus without you even knowing. You should then notify your IT department and manager immediately that you have received a phishing email but DO NOT forward them the actual email. This will prevent the possible spread of the virus to other computers and users. Your organizations’ IT department will then take the necessary precautions and steps to limit the threat and make a note to prevent it from getting through your security in the future. If you follow these tips and strategies, you will be sure to help to prevent any spread of scams and viruses across your organization.

Written by: Robert Johnson, EMCO Technology, Inc.

Code Phishing – The Growing Scam of the Pandemic

As the world of technology continues to expand, so does the number of threatQR Codes vectors that could possibly compromise the security of an individual and company alike. As the landscape for the threats continues to change, the more important it is for everyone to be more vigilant and aware of the potential dangers that are beginning to pop up more and more. One of the major ways that are being targeted is being utilized more and more by restaurants and other retailers alike. QR codes have now become just one of the latest ways that attackers will try and gain access to devices of unsuspecting customers alike. QR codes have now become just one of the latest ways that attackers will try and gain access to devices of unsuspecting customers.

QR codes are bar-code like objects that are used for a number of things. They can be used to easily navigate to a specific website for a retailer or to data storage as well. They are not only used in retail, they are also used in video games as well as other activities like geocaching. While these companies and activities can be legitimately using the QR codes, hackers are using the public’s blind trust of seeing them at stores and restaurants to gain access to unsuspecting victim’s devices.

An example of how they do this is particularly at restaurants. Since COVID-19 began and then restaurants began reopening again, many of them utilize QR codes for customers to see the menu. By doing this, it makes it much easier for customers to see the whole menu for the restaurant. However, hackers know this and will create their own QR codes and drop them on tables or on the floor near tables. They are hoping that a customer will scan it with their device and once they do, it will either download data to their device without the user knowing it or it can even navigate them to a fake website that the hacker has set up in the hopes of the customer entering personal information like email addresses or passwords.

Once a hacker has access to the device, they can gather any and all the information that they would like. They can use the information entered by the user to start phishing attacks by email spoofing or even just gaining access to your email to read and exploit using your email address or even gain access to your financial information. There are things that you can do in order to help prevent it from happening to you or your organization.


Computer.org gathered a list of ways to prevent this from happening to you. They recommend “scanning QR codes of trusted sources only, regularly update your device’s security as well as remain vigilant.” Another way to limit your exposure is using a QR code reader. Apps like Kaspersky’s QR code Reader and Scanner offer the ability to scan QR codes with a little more confidence. Beaconstac.com has rated this app one of the best because “it offers Kaspersky’s safety checks that ensure a QR code doesn’t lead to a dangerous link or malicious content” as well as “keeps a history of all QR scans done within the app.”

Written by: Robert Johnson, EMCO Technology, Inc.