How to spot phishy emails
Phishing attempts are becoming more common, and the bad guys are getting smarter by the day.
One of the best ways to protect your business (and prevent very costly clicks) is through staff education and training.
What is phishing?
To put it simply, phishing is trying to trick people into doing something, often via email or SMS (smishing) – that could be clicking a link, opening a malicious email attachment, transferring money or sharing confidential data.
1 in 3 organisations face daily phishing attacks, and with these tying into nearly 93% of of data breaches, the risks are HUGE.
What’s the risk?
Staff engaging with phishing emails is one of the main ways a ransomware attack can enter an organisation. In fact, emails with malicious attachments, file downloads and emails with malicious links accounted for 45% of attacks in the last year (Sophos, The State of Ransomware 2020). Knowing what to look out for could prevent an employee clicking a dodgy link or opening a file, saving your business from massive losses.
If an email seems phishy, look for these ten telltale signs to make sure you don’t take the bait…
It just doesn’t look right
- Trust your instincts!
- Beware of impersonal greetings like “Dear Customer”
Requests for sensitive data
- Hackers spoof genuine websites and try to trick you into entering your details
Specific information on you
- Crooks use info they find online to sound more convincing, such as from social media profiles or company websites
- Intimidating phrases are often used to get you to act without thinking
Poor grammar or spelling
- Often a dead giveaway
Sense of urgency
- Beware of forced time pressure – this is a common tactic
“You’ve won the grand prize!”
- These phishing emails are common, but easy to spot
“Verify your account.”
- Always question why you’re being asked to verify
- Beware of lookalike URLs meant to trick you, such as www.g00gle.com or www.hotmai1.com
If in doubt do not click, and contact your IT provider IMMEDIATELY. Better safe than sorry!
To help educate yourself and your team, download our anti-phishing toolkit by clicking on the images below.