Phishing (or spear phishing) emails are designed to appear as legitimate messages from real companies, such as banks and other major organizations. Criminals usually create these messages in effort to steal your cash, assets, identity, or any combination of personal things. They might want you to click on a link that will take you to a website identical to the service you normally use, but it is designed to capture your credit card or other personally identifiable information, or maybe even to distribute malware to your device or network.
Here are some of the most common ways to identify phishing emails and a few ideas on what you should do to protect yourself from harm:
1. The subject line or content… have incorrect spelling or grammar usage.
This is one of the easiest ways to tell that the email isn’t legitimate, since online scammers are often translating their messages from a different language or required to use improper spelling to make an attempt to trick you. The mistake might be easy to spot, such as ‘Dear Bank of Amerlca Costumer’ rather than ‘Dear Bank of America Customer,’ while others can be more difficult to spot. It is always important to inspect the email closely when it’s concerning sensitive login, financial, or other secure information.
2. The URL of the link is not the same as the one appearing in text.
The link in a phishing email might include the name of a real bank, but when you hover over the link, you may find out that the actual target URL is different than the one shown and also contains an inauthentic address. You can also hover over the email address in the ‘from’ field to find out if the domain matches the true organization that the email is supposed to be sent from.
3. The email asks you to take immediate action or requests personal information.
A phishing email may try to deceive you into clicking a link after telling you that your bank account has been closed or suspended, or claiming that ‘fraudulent activity’ requires your attention. To ensure that your credentials remain safe, do not click on the link in the email you receive, even if you assume it to be authentic. Instead, it is best to directly log into your account by visiting the authentic website yourself and checking your account status. Reputable organizations will never ask a customer for their personal information through email.
4. The email includes attachments that you didn’t expect to receive.
It is very unusual for any legitimate organization to send you emails with an attachment unless there’s a document you’ve specifically requested, and usually done through a secure web portal. In addition- if you do happen to receive an email containing an attachment, be sure you do not download it unless you are aware of exactly what it is because it could contain harmful malware.
Depending on the email platform you’re using, you should have an option to route incoming emails sent directly to junk unless they’re from your list of contacts or safe senders. Doing this could help to prevent you from accidentally becoming a victim of a phishing email that you believed was from a legitimate source. With this method, you can directly add email addresses for your bank or other secure applications in your trusted senders’ list and others will simply end up in the junk folder.
Even though most email providers do a decent job of filtering out junk or spam emails, it’s always good to have a few more layers of security put in place. In case you do accidentally fall victim to a phishing email, your antivirus or other security plugins can tell you that the site you are going to is dangerous. If that website does try to download malware on your machine, your security software or plugin could detect and prevent any malware from downloading.
Enterprise Computing Services offers managed services to allow small, medium & enterprise business owners to focus on their business and forget about these distractions. Keeping your infrastructure safe and up to date is extremely critical, and our regular monitoring and IT health checks ensure your systems will always run at optimal performance. Get peace of mind from ECS, knowing that your assets are protected with a suite of services customized to fit your business. Call (318) 219-3427 today!