How to Effectively Spot Phishing Emails
We get more email correspondence than ever. Unfortunately, many of these messages are spam. Some are even worse: Phishing attempts looking to fool you into providing information that can be used to infiltrate your business account or network. This month, we thought we would go over some of the telltale signs that you are dealing with a probable phishing attempt and how to properly manage the loads of spam you get in your inbox each day.
Telltale Signs of Spam and Phishing Messages
You should understand before we get into this too far that phishing messages are a form of spam, but the end results are much different. Spam messages are typically sent en masse to hundreds of thousands or millions of people at once. This blanket of spam is effectively the digital equivalent of junk mail, that filled people’s mailboxes with unwanted mail for years. The cost to send mail is much more prohibitive than simply sending email to a lot of people.
Phishing emails, still spam, but tend to have content that is more actionable than your traditional spam mailer. In fact, phishing emails are deliberately created to get people to take action. Most of the time, this action is a ruse to get people to grant access to accounts and computing networks where the scammer can steal data, or worse, deploy malware. Most phishing emails trick people by impersonating a trusted source and use that trust to scam them into providing credentials or providing pathways for scammers to do more harm. Most phishing emails tend to include:
- Spelling errors in the message
- Suspicious sender addresses
- A sense of urgency, like claiming a prize in a sweepstakes or paying a bill
One type of phishing that is especially dangerous is called a spear phishing attack. Spear phishing attacks are efforts that target a specific person. Hackers may have previous knowledge of the target and use that knowledge to create a scenario where the recipient of the spear phishing email will take action, creating an opening for the hacker to steal information, money, or worse.
How You Should React
Chances are you get dozens of spam messages per day, but if you believe that you’ve been phished, you need to isolate the email and report it to your IT administrator. Most times these emails need you to click on a link or an attachment to take advantage of you, so you need to ensure that, if a phishing email hits your inbox, that the address that it comes from is blocked and future messages like it are eliminated by the spam protection you have set up through your email provider or by your IT department.
There are times when you get an email that doesn’t immediately seem like a legitimate email, but it could be. We suggest that—in order to be safe—you verify the email was in fact sent by a legitimate party. Some of today’s phishing emails are very sophisticated, and while it may slow down a legitimate process, no one at your organization will fault you for using good judgment.
If your business needs help setting up comprehensive spam blocking or if you need help coming up with a training platform that can do more than about anything else to keep your organization safe from phishing, give PCSOFT a call today at 02 98730080.