According to Verizon’s “2015 Data Breach Investigations Report,” phishing attacks are successful more often than we might think. A study found that 23% of recipients open phishing messages and 11% click on attachments. This means that for every ten employees you have, one of them might be clicking on attachments that can infect your company’s computer systems. Now before you go off and find that one employee to catch them in the act, remember that education is your greatest ally in the battle against phishing. Here are a few tips for you to know if you are dealing with a phishing email:
Check The URL Of The Links
Just never click links. And if you really have to, then ensure that the link in the email is actually the link that it claims to be. Most good browsers will show what a link’s URL really is underneath all the blue writing if you hover over the link. It is also a good idea to familiarise you and your staff with the inner workings of a URL as this will help you to know which links are the ones on which you should never click. If, for example, the link looks like the following:
“reputablecompany.dodgyscammywebsite.com” then you will notice that the reputable company is not the real address that you will reach, and instead, you will be directed to dodgyscammywebsite if you click on that link. Not the best place to be.
Spelling and Grammar
If you receive an email that claims to be from your bank but appears to be written by someone with a very limited grasp of the language they are using, then you are probably looking at a great example of phishing. Always keep in mind that reputable companies do not ask the least educated person on their staff to write professional communications. They would hire copywriters and editors to ensure that nothing tarnishes the brand of the company. Spelling and grammar mistakes scream, “This is unprofessional!” loud and clear.
Do They Want You To Part With Money?
While this is not exactly classed as phishing in the strictest sense, scam emails are also worth mentioning here. Consider this a bonus tip. If the offer sounds amazing and you follow the email down the rabbit hole, you will eventually be asked for a seemingly small amount of money as a “fee” or for “administration,” or maybe even to cover the expenses of sending the coveted object to you. After all, if the offer is for you to obtain the latest smartphone or a brand new car, then the “fee” seems laughably small in comparison, right? However, you pay the fee and you never receive what you ordered. You may wonder who would fall for a scam like that but, sadly, people fall for scams more than they should.
All in all, it is best to use common sense when dealing with emails. Can you really win a contest you did not enter? Should you really enter your username and password to ensure that your bank does not freeze your accounts? If the answer is no, then ignore the email. That is always a good option.
Let us know in the comments if you have any other advice for phishing emails. And if you want to find out how iTree Solutions can help you to combat security issues, then you can do so by filling in the form on our Contact Us page.