Posts

How to Spot a Phishing Attack Through Email

It’s hard to imagine doing business in the 21st Century without email. It’s provided us with an instant tool for communication and an easy system for archiving information. Email also has given hackers a portal through which they can employ a phishing attack and infect an organization’s servers with malware and gain sensitive information, virtually effortlessly.

A phishing attack is when cyber criminals make a targeted attempt through email to trick individuals into opening links, providing sensitive information or downloading attachments with malicious software.

Phishing attempts are becoming more sophisticated and ever more frequent. For instance, more than 70 percent of targeted cyberattacks in 2017 involved the use of phishing emails, according to the Symantec Internet Security Threat Report 2018. That same report found that 7,710 businesses were hit by a scam each month in 2017.

Infomax recommends employees undergo regular training on how to recognize a phishing attack and stay aware of the latest scams. We offer regular cybersecurity training through our Complete Cloud and iGuard Managed IT services. Here are our tips on how to spot an email phishing attack.

Sender asks for personal information

Hackers have become very sophisticated, and an email can arrive in your inbox that looks authentic, mirroring the email interface of yours or another company. However authentic the email looks, a mental red flag should be raised if the individual is asking you to provide or confirm personal information. Whether it’s from an alleged human resources representative asking for your personal identification or an internal or external sender asking for financial information, you can’t be sure who may see your data once you hit the send button.

Trusted sources will never require you to email sensitive personal or business information because they know how easily accessible that information is to hackers. A trusted organization will encourage you to call a number, send mail or visit a separate, secured online platform. 

Email contains unfamiliar links

Similar to mirroring an email, hackers create false webpages that mimic real sites. When you’re prompted to enter information, such as a password, into the fake site, cyber criminals gain access to your and your organization’s information. They can also create malicious links that resemble real web addresses you or other employees frequent, hoping those who open an email don’t look too closely at a URL before they click.

Instead of clicking links train yourself and your colleagues to read a link in an email, checking it against the frequented URL in a web browser. Additionally, hover over and read the web address of links concealed within the text of the email.

Email is poorly written

An easy way to spot a phishing attack is if it contains awkward phrasing, rampant misspellings and grammatical errors. Emails from legitimate companies reflect the professionalism of those who work there. Before proceeding, those on the receiving end also should check that the email address from the sender is legitimate, not containing additional words or characters that readers may not notice on first glance.

Suspicious attachments are included

Never click on or download email attachments that look suspicious or that you are not expecting. The attachment could be a malicious URL or virus that can corrupt the user’s computer and lead hackers into the company’s network. Your business should invest in antivirus software that will scan for suspicious attachments. Employees should also verify attachments with senders by emailing them on a separate thread, calling them or messaging them in another way.

Remember not to give in to pressure from an unknown sender and always take time to consider the information received in an email before reacting. To secure training for your organization, contact us today.

How Safe Is Your Email System?

Everyone thinks they understand email security—don’t open emails from unknown senders, don’t click on suspicious links, don’t open untrustworthy attachments. But email security goes beyond common sense. To protect your business, and your employee and client data, you need to ensure proper email safeguards are in place before your email system s compromised. It’s important to ask the question: “Is your email system really secure?”

Here are several ways you can protect and defend your email system.

  • Consistent email policies. There is strength in unity. Therefore, it is essential that your employees are all on the same page when it comes to email. With just one chink in the armor, your defenses are lowered. Be sure that every employee is on the same page when it comes to email protocol, and then backup your policies with automatic safeguards to ensure compliance.
  • Reliable email filtering. Email filtering is absolutely vital in protecting your company’s sensitive materials. At Infomax, our iGuard core email filtering will recognize and eliminate nearly all viruses, worms, and other intrusions before they present lasting problems.
  • Efficient archiving. If not properly regulated, email archiving can become haphazard and headache inducing. Be sure that your emails are properly archived, so that they are easily retrieved in case of an audit. This will streamline a business process that will benefit your clients, as well as your personnel.
  • Thorough message encryption. Email encryption can help protect your business from prying eyes, both inside and outside your business’ walls. Using specific policy criteria, encrypted messages are sent automatically. This way, your valuable information is kept out of the wrong hands.
  • Dependable disaster recovery. Protecting your inbox from unexpected events is essential. When disaster strikes, be sure there is a reliable recovery system in place. For example, a system that provides auto-spooling of messages will ensure that your email is not thrown to the wolves if something goes wrong.
  • Guaranteed Continuity. When it comes to email, continuity matters. Email management and monitoring ensures that if your system goes down, your email system continues without interruption through a remote, redundant server. This way, your workflows do not come to a grinding stop in the event of an unforeseen problem.

To learn more about how to properly secure your email system, contact Infomax today!