Phishing is a type of social engineering attack where a criminal sends an email designed to trick a person into revealing sensitive information or deploying malicious software like ransomware.
91% of all cyberattacks begin with a phishing email to an unexpected victim. – Deloitte
Phishing scams are the most common types of attacks in the US. Learning the signs of a phishing email is an important way to keep your team and business safe. Here’s what to look for:
It Doesn’t Look Right
Phishing emails often just don’t look quite right. Here are some key things to check:
- The logo or colors don’t look like the business’s logo you know.
- The URL doesn’t match the text when you hover over it.
- The email address doesn’t match the company it was supposedly sent from.
- Poor spelling and grammar. An occasional mistake is one thing, but phishing emails often have multiple spelling and grammatical errors.
Information Requests
A phishing email will often request your private information. It may be a password, W-2 form, or other personal information. If you receive an email requesting information like this, it’s imperative that you do not click on any embedded links and verify the email – most likely it is a scam. Reputable businesses will not send emails asking you to reply with this information.
It Has an Attachment
An email with an attachment should always be viewed with suspicion, especially if you weren’t expecting it. Before opening an attachment, spend time looking for any signs that it’s not legitimate.
Unexpected Requests
Hackers are becoming masterful at researching high-level personnel and impersonating them. If you receive a suspicious email from your company CEO asking for funds, gift cards or information, you might be the victim of a phishing email. An unexpected request for information – regardless of who it supposedly came from – should be viewed with suspicion.
Urgency or Desperation
Any email that’s saying you need to “act now” should be eyed suspiciously. Phishing emails often use this tone to trigger you to act quickly without thinking. Before clicking on anything, slow down, take a deep breath, and read the email carefully. When in doubt, go directly to the website (not via the email), call a known contact, or otherwise verify what the email is saying.
Phishing attacks have affected 3 out of 4 American businesses. By understanding what to look for, you can help train your employees to protect your business by not falling for these common email scams. Give us a call and let’s talk about how our security solutions can keep your company safe into 2022 and beyond!
