The main reason phishing has become such a prevalent problem is that it works. And hackers keep finding new ways to increase the success rate even further. What used to be easily distinguishable attempts at stealing information have now become brilliant scams that look valid at first glance.
However, this doesn’t mean that phishing attacks always work. All that’s needed is for everyone to stay vigilant with online communications and ensure they know what to look for to identify a phishing scam. Here are some of the most important signs you should look out for.
Fake Email Address
Very few people stop to look at the sender’s address when they get an email. Most of the time, employees will glance at the subject line and check the message. If the recipient checked the validity of an email address, it might prevent most phishing attacks.
Amateur cybercriminals might use free email accounts like Gmail or Yahoo to send a phishing scam. Major players, however, use email domains just like real email. For instance, if you get an email from email@example.com rather than firstname.lastname@example.org, you’d better be wary.
Inconsistencies in Writing Style
If the style of writing is suspiciously different from what you have been getting from what appears to be the same sender, this can be a sign of a phishing hook. Also, some countries use different date formats. If date formats are not what you are used to, that’s also one sign.
Errors in Grammar and Spelling
Official emails get checked for grammar and spelling mistakes or go through basic spellcheck. A few minor typos and one or two misspellings are forgivable, but email with blatant errors, especially if it is supposed to be from a reputable company, is a good sign of a phishing scam. It’s likely because the hacker used an automated language translator to mass produce the message for potential victims.
You should never open attachments unless you are expecting them or if you can confirm with the actual sender that they indeed intended them for you. Otherwise, don’t open it, no matter how legitimate looking the filename might be. It’s likely they loaded these attachments with malware that will unleash themselves on your system once you click on them.
No one would knowingly click on a fake link, but these phishing emails are made to look so real. To check whether they are valid or not, hover over them and read the URL, particularly the domain name. If it seems questionable, that’s because it probably is. Delete the email and don’t give it a second look.
There is no 100% guarantee of protection against phishing attacks but looking out for these telltale signs is an excellent first step. As a business owner, be sure that all your employees know these signs and that you have properly trained them on the critical security measures against online threats. For more about these threats and what you can do to protect your business, start your new Employee Training today and have everyone in your office watch our Free Cybersecurity Webinar.
It’s time to take cybersecurity seriously. Call us and let’s protect your business today.