The ubiquity of phishing and denial of service (DoS) attacks has necessitated increased education and a greater awareness about the threats, as well as enhanced cognizance of the potential ways scammers seek to get sensitive personal and company information.
Phishing-related attacks have become significantly more rampant than in the past as demonstrated by a 162 percent increase between 2010 and 2014. Further, these attacks cost in excess of $4.5 billion annually. Identifying a threat before it’s too late has never been more important.
Of course, the best defense is a good offense. Blocking malicious e-mails before they reach one’s inbox is the most obvious preventive tool, and this can be realized by quality anti-phishing and other security software. However, despite having a strong proactive plan in place, some phishing e-mails will always make it into inboxes. Of particular concern is that experts estimate that a whopping 97 percent of people cannot identify a phishing email—particularly a sophisticated one.
Experts offer these strategies to prevent falling prey to phishing attacks.
1. Do not trust the name displayed
It is very common for spammers to spoof an e-mail’s display name. The problem is so pervasive that recent analyses by global data solutions provider Return Path have demonstrated that nearly half of 760,000 e-mail threats that targeted 40 of the world’s largest brands were spoofed. To protect against potential problems, it is critical to check the e-mail address in the “From” header, and if it does not look quite right then do not open the e-mail. Additionally, check for spelling errors which are common in fraudulent messages.
2. Examine the salutation
If an e-mail is addressed to “Valued customer”, “Beneficiary”, “Dear friend”, or any other vague person, then do not open any attachments or click on any links. Legitimate businesses always use a customer’s or client’s full name in any legitimate salutation. Additionally, check the signature. Legitimate business correspondence will contain the sender’s contact information.
3. Look before you click
Before clicking on any links in an e-mail, hover the cursor over them and if anything just doesn’t look right, then do not click. Alternatively, open a new window and type the URL to see where it may go. This is much safer than clicking on a link, especially from phishers who are purporting to be from financial institutions. Furthermore, and rather obvious but worthy of mention, never divulge any personal information via e-mail or by entering data into forms on an e-mail-directed website.
4. Keep an eye out for any subject line language that may appear urgent or threatening
Instilling fear or urgency is a common tactic—especially regarding suspended accounts, password changes, or unauthorized login attempts.
5. Beware of attachments
Virus and malware-infested attachments are very common. Opening an unexpected attachment is a recipe for disaster.
For more information on how to protect your business from phishing threats, please contact us.
Michael Durante spent his teenage years into his early 20s climbing the ladder in a branch of a successful banking firm, starting as a teller and ending as a Sr. Branch Manager within 6 years. In 2003, he left the banking world to join his father and create TIE National, a telecom company 60 years in the making. Together, they grew the company from a two-man operation solely working on telephones to a multi-million dollar international business with employees in over a dozen states, covering everything from phone systems to cloud products and computer systems. You can find Michael on LinkedIn.