Digital information is part of our lives. We use it every day at home and at work. The need to safeguard this information has not only changed, but it has also made having digital information a liability. A recent study by IBM found that 95% of data breaches were caused by human error. That includes lost phones, laptops, and people falling victim to phishing scams.
What is a phishing attack? According to the United States Computer Emergency Readiness Team (US-CERT) phishing is defined as a form of social engineering that uses email or malicious websites (among other channels) to solicit personal information from an individual or company by posing as a trustworthy organization or entity. Phishing often directs users to enter details on a fake website that looks and feels almost identical to the legitimate site.
Here are 5 ways to spot a phishing attack:
1. Examine the sender’s email address and check if it matches the domain of the company who is sending the email. If you receive an email about your bank account but the sender’s email address does not contain the name of the bank then its most likely a phishing email.
2. Look for generic greeting such as “cardholder” or “Dear Customer”. Most cyber criminals send millions of emails with generic greetings because they are not targeting a specific person. However, some sophisticated criminals do target individuals and will use correct information to lure their victims.
3. Look for messages with threatening language or ones that require immediate action (i.e. “your account has been compromised” or “your account will be terminated if you do not act now”).
4. Approach embedded links with caution. When in doubt, move your mouse and hover over a link to see where the address leads. If it’s not the domain of the company that sent the email, DON’T click on it!
5. Be cautious with email file attachments. Attachments are the easiest vehicle for a cyberthreat to hide in. If you don’t know the sender, NEVER click on an attachment.
Phishing emails are one of the most commonly used attacks targeting employees in order to steal data and/or money. If you own or manage a business then it’s imperative that cybersecurity awareness becomes part of your company’s culture. Reach out to me to learn more about how Imagis can help your organization become more secure and protect itself from cyber criminals.