May 21, 2021 | By stephen

Any Email Could Be A Phishing Scam

More than 20 years after the first recorded attempt, phishing attacks are still one of the most significant and common cyber-attacks performed by cybercriminals. Even with everything you know about scam emails, you’re still likely to fall victim to a phishing attack. You probably already have a new batch of phishing attempts in your email inbox as you read this. But what exactly is phishing?



How Exactly Does Phishing Take Place?

Phishing is a type of social engineering used to obtain sensitive data such as account usernames and passwords, social security numbers, or credit card information. A phishing attack may come in an email, a text message, or a message on a social media platform. However, phishing emails are the most common.

The attacker typically presents himself as a trusted entity, often as a legitimate organization or person in authority. The email usually contains a malicious attachment or link, which often leads to the installation of malware or ransomware on the victim’s computer when clicked on or downloaded. The hacker’s primary goal is to trick the victim into downloading the attachment or clicking on the link.

A phishing attack on a business may lead to the freezing of company systems and the withholding or disclosure of sensitive corporate data.

How Do You Identify Phishing Scam Emails?

Hackers launch thousands of phishing attacks daily, and many are often successful because users ignore the details of the email. Here are some features to help you identify phishing emails.

1. The Recipient Isn’t Addressed Directly

You will not be addressed directly in the email. Since hackers don’t know you, they will use generic salutations and address you as, ‘Dear Customer/Sir/Madam.’

If a company has any information about your account, they will know your name, address you using your name in the email, or contact you via phone. Some emails will avoid the salutation altogether.

2. Unexpected Links and Attachments

Unexpected emails that contain attachments or links reek of scammers. Legitimate institutions don’t randomly send you emails with links or attachments. Instead, they direct you to their websites to download required files.

3. Unrealistic Threats, Offers, and a Sense of Urgency

Intimidation is a popular feature in phishing scams. These emails usually state that there’s a problem with your account, they’ve noticed suspicious activity on your account, or they’d like to confirm some personal information. They then threaten you that unless you click on a link or download an attachment immediately, ‘your account will be suspended or closed.’ Some emails come in the form of unrealistic offers. These offers are usually for a limited period, and you are encouraged to click on a link to seize the offer. In both instances, a sense of urgency is demanded.

4. Poor Grammar and Grammatical Errors

Although most phishing email senders disguise themselves as well-established companies, their emails are usually full of poor grammar and grammatical errors. An email from a reputable organization should be well written. The cybercriminal hopes that by reading the email in haste, you might not scrutinize the email and realize that it’s not legitimate.

5. Inconsistent Email Addresses, Domain Names, and Links

Another way to identify a phishing email is to look for inconsistencies in the links, domain names, and email addresses. If you have received a previous email from the company, cross-check to see if the two email addresses match. If there’s a link, hover your cursor over it to check whether the address that pops up matches the one shown in the email. If the domain in the link doesn’t include the company’s name or has additional letters and numbers, that may also be a sign that it’s a phishing email. If an embedded link doesn’t seem correct or match the context of the email, don’t click on it.

6. Requests for Sensitive Information
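The sender and link checks described above can also be automated. The following Python sketch is an added example, not code from the original post; the function names, the constructed sample message, and the use of `example.com` as the known company domain are assumptions made for illustration.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

URLISH = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)
# Constructed sample (not real traffic); example.com stands in for the real company.
PHISH_FROM = '"Example Billing" <support@examp1e-billing.test>'
PHISH_HTML = '<p>Dear Customer,</p><a href="http://example.com.account-verify.test/login">https://example.com/login</a>'

class Anchors(HTMLParser):  # collects (href, visible text) for each <a href=...>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(value):  # lower-cased hostname of a URL or bare domain, '' if none
    value = value if "://" in value else "//" + value
    return (urlsplit(value).hostname or "").lower()

def belongs(name, domain):  # the domain itself or a true subdomain, nothing else
    return name == domain or name.endswith("." + domain)

def check_email(from_header, html_body, known_domain):
    """Return (check, detail) findings for one message."""
    findings = []
    sender = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if not belongs(sender, known_domain):
        findings.append(("sender_domain", sender))
    parser = Anchors()
    parser.feed(html_body)
    for href, text in parser.links:
        target = host(href)
        if not belongs(target, known_domain):
            findings.append(("link_off_domain", target))
        # Link text that is itself a URL must name the real destination.
        shown = host(text) if URLISH.fullmatch(text) else ""
        if shown and shown != target:
            findings.append(("text_href_mismatch", f"{shown} -> {target}"))
    return findings
```

Calling `check_email(PHISH_FROM, PHISH_HTML, "example.com")` returns three findings for the sample. The link's host begins with `example.com` but actually belongs to a different domain, which is why the comparison is made on the end of the hostname rather than on whether the company name appears in it.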

The chances are high that if you receive an email from an institution that asks you to provide sensitive information, it’s a scam. Most organizations will not send you emails asking you for account credentials, social security numbers, or credit card information. Never conduct financial transactions via email.

How Can You Avoid a Phishing Attack?

There are a number of ways you can prevent a phishing scam attack from taking place. These include:

1. Use a Spam Filter

Over the years, spam filters have evolved and are more efficient. It’s therefore essential to use them. Spam filters help you to flag emails with questionable content and keep them away from your inbox.

2. Ignore Spam Emails

If an email doesn’t come to your inbox and ends up in your spam folder, treat it with the suspicion it deserves. Don’t respond to spam emails, as this will let the hacker know that your email address is active and increase your chances of continually being targeted by phishing attacks. If you receive an email from someone you don’t know and the email contents seem suspicious, report the email as spam.

3. Don’t Click or Open Unsolicited Links or Attachments

For an attack to be successful, it requires an action on the part of the victim. Avoid clicking on links or downloading attachments as they might contain malware that can give hackers access to your company networks. If you receive an unexpected email that contains suspicious links or attachments, report it as spam.

4. Install Anti-Virus Software

Install effective anti-virus software on your devices to prevent the installation of malware. Scan all your email attachments using the software before downloading them to help detect and remove malicious files or programs.

5. Install Firewalls in Your System

Firewalls help to create a barrier between your internal network and external traffic. They monitor incoming traffic and block malicious traffic.

Even if you have the most secure network, all it takes is one untrained employee to click on a malicious link or download an attachment and give away all the sensitive corporate data you have worked so hard to secure. It’s, therefore, crucial to ensure that both you and your employees know how to identify and avoid phishing attempts.

Are You In Need of Fast and Friendly IT Services in the Chicagoland Area?

LeadingIT offers 24/7, all-inclusive, fast, and friendly cybersecurity and IT support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.
