Every day, you get emails, calls, texts and more from unknown sources requesting access to personal information or data that needs to remain protected. These cybercriminals may be asking for account numbers, passwords, for you to open an attachment or click a link, and so much more. At Innova Integrated Solutions, we care about your cybersecurity and the security of your business! We ask that you remember that technology isn’t always perfect, and some of the responsibility of protecting your information also falls onto the user. Keep reading to find out how you can protect yourself and business from phishing attacks.
How Do You Tell It’s A Phishing Attempt?
It Doesn’t Look Right
Is the message claiming to come from someone you work with but there’s something off about it? Trust your gut on this one!
Instead of addressing you as a person, phishing emails often are generic because they are usually sent out in large batches.
Links To Sites Asking for Information
If there is a link that leads you to an official-looking site where you’re prompted to input confidential data, this is a sign of a fake site built to gather information. Double-check the website URL to determine if it is a legitimate site before inputting any information.
Unexpected Emails About Your Information
If you receive an unexpected email with specific information about you such as job title or personal interests, this information could have been pulled from social networking sites to be more convincing.
Sense Of Urgency
If an email or message is pressuring you into taking action quickly (such as saying you’ve been breached, log in now), they are trying to trick you into giving up confidential data quickly and without thinking.
Common Types of Phishing Attempts
- Spear phishing – A targeted form of phishing where the attacker targets specific individuals within an organization and tailor their emails to seem as if it is a legitimate email. 91% of cyberattacks start with a spear-phishing attack.
- CEO Fraud/Business Email Compromise – A cybercriminal sends an email to a lower-level employee while pretending to be the CEO or another executive. Their goal is to get their victims to transfer funds to a fake account.
- Clone Phishing – The attacker will create a replica of a legitimate email, and send the message from an email address that looks legitimate.
- Domain Spoofing – Domain spoofing can come in two forms. The first is that the attacker will make their emails look like they’re coming from the official domain. Another form is that the attacker makes a fake website that looks like the real thing, in hopes that the visitor doesn’t notice and will input confidential information.
- SMS Phishing – Attackers send out text messages that appear to come from a legitimate source and they contain malicious links for you to click on.
How To Protect Yourself From Phishing Attacks
- Train Employees on Email Best Practices
- Report Suspicious Emails
- Use A Password Manager
- Turn On Two-Factor Authentication
- Use A Sender Policy Framework
- Use Secure & Encrypted Websites
To keep your information and even your business safe, the first line of defense against Phishing attacks is you. By educating yourself on phishing, you’ll be able to better determine phishing attempts and hopefully won’t take the bait! If you have any questions or need a decimated team of I.T. experts to keep your business safe, contact Innova Integrated Solutions today.