The notion that cyber Criminals are advanced black hats is as dated as it is inaccurate. While it’s certainly true that sophisticated criminals do exist in the digital realm, the vast majority of online crime tends to be a bit more direct—case in point, Phishing Email scams.
It’s one of the oldest tactics on the web, right up there with ransomware and distributed denial of service attacks. It’s incredibly simple to pull off, in most cases requiring only a bit of research and a knack for manipulation. And it works exceptionally well.
Part of the reason for that, I suspect, is that people don’t understand what to look. The good news is that this is simple enough to address. Even the most well-crafted Phishing Email have a few telltale signs you can train yourself to recognize, ranging from subtle to obvious.
- A vaguely threatening, demanding, and urgent. The scammer may claim that there’s been suspicious login activity or that your financial details need to be updated lest you lose access to your account.
- Obvious spelling, grammatical mistakes. Businesses like Apple, Google, and Netflix tend to have automated emails that carefully proofread before going out.
- An email that looks vaguely legitimate, with one or two noticeable changes. Examples might include email@example.com, accountspayable@g0oGl3.com, and so on.
- If the email purports to be from someone you know, it may use unfamiliar language or a strange tone.
- The email uses a generic greeting or universal language when the sender should know details about who you are.
- Email either doesn’t feature any graphics or uses graphics that are unusually low-resolution and low-quality.
- The email requires you to click on a link, usually to submit payment information or update account information.
- It includes an attachment with an unusual file extension or multiple file extensions. Never click on these.
As you may have already guessed, a little mindfulness goes a long way in protecting you against phishing. The more caution you exercise, the likelier you are to avoid falling prey to a scam. To that end, I’m going to conclude with a few general best practices.
- Mouse over every link and read every file carefully before clicking on anything. Pay careful attention to anything that looks in any way unusual.
- If you receive an email from a co-worker or colleague requesting information, it may be worthwhile to double-check with them via a different communication channel.
- Remember that businesses will rarely ask for your personal information directly via email. If you suspect a Phishing Email may be legitimate, your best bet is to navigate to the company website manually and login there.
- Ensure your business has antivirus and antimalware protections on its email portal.
Phishing emails are one of the oldest tricks in the book where digital crime is concerned. The good news is that their relative simplicity makes them quite easy to avoid, provided you know what to look. With a bit of caution and knowledge, you can keep yourself safe.
About the Author
Tim Mullahy is the Executive Vice President and Handling Manager at Liberty Center One, a new breed of data center located in Royal Oak, MI. Tim has an established history of working in the information technology and services industry.
How Managed Security Services Can Protect Your Business
Cyber threats to small and medium-sized businesses are escalating rapidly. In 2024, attackers are more sophisticated and persistent than ever…