Tips to Protect your Company from Phishing Attacks
By Debbie Gregory.
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication, often times directing users to enter personal information at a fake website nearly identical to the legitimate site. Spear phishing is a targeted aimed at a specific victim.
These two cyberattacks can put your business is at risk if you don’t take the proper steps to thwart them.
A phishing email will attempt to trick you into thinking it is from a legitimate, trusted source. Of course, you wouldn’t just give out passwords to a stranger, but if you think the email is from someone you trust, you might.
A spear phishing email appears to be from a very specific sender. For example, the email could look like it’s from your IT services provider, using identical colors, logo, contact name, and even an email address that’s very close to the correct email address.
So how do you spot the fakes and protect your company?
Training and educating your employees is priority one. When your staff understands what to look for to identify these scams, they will be able to avoid opening and responding to the wrong emails. Check not only the email address the email appears to come from, but also check to make sure it’s not a spoofed email address. Also, look for typos and mistakes in grammar.
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it. Also, analyze the salutation. Legitimate businesses will often use a personal salutation with your first and last name.
Another weapon in your arsenal should be limiting administrative access to your company’s social media channels. Cybercriminals may try to get you to access a file that deploys in your system and copies your entire contact list. Then the criminals can access all of your contacts’ data, not just the company’s data.
If you can spot the irregularities in these communications, then you can avoid the scams. Start by checking. If it does not match a legitimate web presence that you can search for online, then do not open it. It’s likely a scam.