Just what is email phishing?
Well, you’ve probably seen it before…it’s when a bad guy, posing as someone you know, uses the ‘someone you know’s’ email to defraud you. When this happens, the spoofed email will encourage you to click on a link, log in to a website, open an attached document, or even initiate a wire transfer to a familiar person. This is an effective way to fool people, because you are unsuspecting and can quickly comply with the email. All it takes is a few seconds to click on a link, that downloads a virus onto your computer. Unfortunately this will probably happen to you at some time or another, even if it has already happened to you before. The most important thing you can do to protect yourself is beware and be informed.
What can you do?
This is scary stuff, but you can fight back. If you (and your colleagues or employees) look for the signs of phishing and practice basic email safety, staying safe is actually pretty easy. The best way to combat phishing is just exercising common sense.
Here are a few tips to keep you on your toes.
Do not share personal information! EVER!
This really cannot be emphasized enough. Never respond to an email with personal information, financial information or passwords. Ever. Think about the risk-to-reward ratio. Is the upside of quickly sending this info worth the risk? Remember — NO reputable company will EVER ask for these details in an email.
Visit websites directly from browsers and bookmarks – not email.
Whenever possible, avoid clicking a link in an email to login to an account. It’s easy to misrepresent where that link may be taking you. A link might say “PayPal.com,” but it’s really pointing at “PeyPals.com.”
A quick way to double check a link’s actual destination is to hover your mouse over it. In most cases, your browser or email application will show you the true path.
If you’re logging in to your bank or other website, access the site directly instead of clicking a link in an email. Be especially suspicious of emails asking you to click a link to confirm your account information.
Double-check attachments before you click or download them.
Be careful with attachments. Word documents and Excel spreadsheets may contain macros or viruses that compromise your computer. These files can automatically download malware or direct you to malicious websites. If an email or attachment looks even the least bit suspicious (misspellings? See below), confirm its origin with the sender. Call, text or message them before you click.
Also, it is critical to have anti-virus software installed and up-to-date on your computer.
Whatch for missspellngs and urginsee.
Although it’s not a hard and fast rule, poor grammar can often be a tell-tale sign of phishing. Look for unusual use of words, misspelling or even strange greetings (Hello Madam!). Also, be suspicious of an email that evokes a sense of urgency and asks you to do something right away.
When it comes to wire transfers, be extra vigilant.
The vast majority of people do not wire money as part of their day-to-day duties. So if you’re asked for a wire transfer, that should immediately raise a red flag. Double-check the request, OUTSIDE OF EMAIL, before you do anything. If you’re in the business of transferring money, never rely on email as a secure communication channel for these requests. Always confirm through alternative means.
When in doubt… DO NOTHING!
Being unsure and still clicking around suspicious emails can be disastrous. Take a little extra time to be vigilant and/or confirm emails origin and intent can save you, and your company, a ton of grief (and maybe even money). So if you have even an iota of doubt – DON’T DO ANYTHING. Delete the email, and pick up the phone.
Maybe more than ever before, the old adage holds true: when it comes to email and phishing it is truly better to be safe than sorry.
Some of the information in this email came from: https://blog.rackspace.com/email-phishing-rise-mailbox-safe