Just one click can be the difference between maintaining computer security and suffering massive financial losses. All it takes is just one employee to click on a link in an email for your business to be vulnerable.
Here are a list of 5 red flags that point out a potential phishing email:
1. Poor spelling and grammar
The occasional typo happens to even the best of us, an email filled with errors (both in grammar and spelling) is a clear warning sign of a phishing attempt. Most companies push their email campaigns through multiple reviews where errors are fixed and the language is refined. Errors throughout the entire message indicate that the same level of care was not taken and therefore the message is more than likely fraudulent.
2. An offer too good to be true
Free items or a lottery win sound great, but does the offer comes out of nowhere and with no catch? Then there is definitely cause for concern. Take care not to get carried away with the message and don’t click without investigating further.
3. Random sender who knows too much
Spear phishing is when an email or offer is designed and crafted especially for your business. Culprits take personal details from your public channels (Facebook, Twitter, Linkedin and even offline documents such as annual company reports etc) and then use it against you. The only clues? The sender is unknown – they weren’t at the event or involved in any way. Take a moment to see if their story checks out. Even check the email address of the sender to confirm that it is correct and not just a similar sounding or looking address (see #4 below).
4. The URL or email address is not quite right
One of the most effective techniques used in phishing emails is to use domains which sound almost right. For example, [microsoft.info.com] or [pay-pal.com] Hover over the link with your mouse and review where it will take you. If it doesn’t look right, or is completely different from the link text then delete the email.
5. It asks for personal, financial or business details
Alarms should ring when a message contains a request for personal, business or financial information. If you believe there may be a genuine issue, you can initiate a check using established, trusted channels (ie phone the person on their known number not one contained within the email).
While education is the best way to ensure phishing emails are unsuccessful, a robust spam filter and solid anti-virus system provide peace of mind that your business has the best protection available.
DP Computing can help secure your business and can even organise a fake phishing attack to see if further staff training is required. Give us a call to discuss how we can help you on 08 8326 4364 or firstname.lastname@example.org.