As Cybersecurity continues to become more and more critical for businesses, companies must train employees on best practices to stay safe on the Internet. We think everyone knows not to click on a sketchy-looking email, but it still happens all the time. Scammers are continuing to use email to phish because people are still clicking.
ENISA reported in the Threat Landscape that 65% of all ransomware was delivered via email to corporate addresses. So while you probably have the proper security measures in place, individuals in organizations still need to recognize and avoid phishing scams on the off chance one makes its way into the inbox.
How to detect and identify a phishing email
Scammers often try to trick you into clicking a link by disguising a link in a seemingly ordinary email. Still, when you click, they’re able to gain access to your passwords, account numbers, and personal information.
Scammers adjust and evolve every day, but you can notice common signals that help you know you’re being scammed if you are looking out.
Phishing emails are often very generic. While an email may look like it’s coming from a source you trust — even a familiar name in your company — if you aren’t being addressed directly, it may be a sign that the email is the product of a phishing scam. Watch out for greetings such as “Attention everyone” or “Dear valued customer.”
They want you to act immediately. Phishing scammers don’t want you to examine the email or disregard it, so they often use emergent language such as “Your account is on hold” or “respond immediately,” causing you to panic and click first and ask questions later.
During the height of the pandemic, phishing scammers were trying to scare and capitalize on the confusion to steal data. Below is an example of a COVID-based phishing scam with notes and details on how to know it’s fake.
Going beyond to protect yourself from phishing
Security training is essential for everyone, but you can’t rely on activity and human behavior alone to stop phishing attacks. You should expect that your MSP or IT support company has created systems for you to stay secure and the scammers out of your inbox altogether.
Security software, setting it to update automatically, and enabling multi-factor authentication are a few of the ways to protect yourself. Beyond that, you will want to make sure you have backups of your data saved on secure storage.
If you have any questions on protecting your email inboxes, setting up security standards, and making sure your information doesn’t end up on the Dark Web, then contact CTTS today!