We’ve said it time and time again, but it is something that is very important; watch out for suspicious emails and phishing attacks. When it comes to identifying email fraud never be overconfident. Make sure you look out for all the tell tail signs that come with a phishing email, even the hard to spot ones!
Phishing emails can fool even the most cautious people. Whether you are working in the office or at home, cybercriminals will stop at nothing to get ahold of your data. Phishing is still the most common way for hackers to enter your network. It is easy for hackers to create phishing emails and imitate a person or business just by doing a little searching on the internet. They can be looking for names, titles, emails, or phone numbers just to make their phishing email look real.
One phishing attack cyber criminals are starting to use involve imitating well- known brands. In a recent study, researchers found that 43% of phishing attacks that mimic brands were trying to pass as Microsoft. Cyber criminals use Microsoft as their lure because it is so well known and widely used. People wont usually think twice about an important message sent to them from what they think to be Microsoft. Once this email is received there will be a link that it is urgently telling you to click it in order to log in and “verify your credentials.” Clicking that link is how the hackers get your information. So, if you are unsure just call the company the email is allegedly coming from and ask them if the email you received was real. Do not click any suspicious links!
Being able to recognize phishing emails on your own can protect your data from being stolen. If all else fails and you’ve checked the email address it is being sent from and you still can’t tell if it is real or not, you can always stay on the safe side and give that company or person a call and ask them if the email came from them. If it was not a real email from the suspected company or person just delete the email.
Another form of cyberattack is a business email compromise (BEC). This type of attack targets specific roles within a company with the intent to steal money or data. Other types of attacks include spoofing, spearphishing, and malware. Spearphishing is when a targeted attack is aimed right at you. These attacks try to trick you into handing over your login credentials in order for the hackers to download malware onto your device. Again, if you are unsure about the email you received check the senders address, there could be just one letter off from the actual company. An example could be instead of Microsoft.com it could use Microsoft.co. These are small details but can lead to big consequences.
Overall, email is the core way of conducting business online and we don’t see it going away anytime soon. As described above its easy for these fraudulent emails to slip through the cracks and go undetected if you aren’t cautious. Trainings are one way to lessen the number of successful phishing attacks. And, if an attack is successful don’t get mad at your employee, take this moment to fix the issue and update your training so it doesn’t happen again.