Have you ever received an email from your bank warning that your account has been locked due to suspicious withdrawals? The message might ask for proof of identity by clicking on a link attached in order keep it open.
Don’t fall for this scam! Odds are that this email is an example of phishing.
The scammers behind these fake pages have been known to use real looking layouts that are only slightly changed from their original form. They will often ask for personal information like passwords or account numbers. Once the scammer behind a bogus page gets that sensitive information, they can easily access your financial accounts or open new lines of credit.
Phishing is a form of social engineering. Phishers pose as a trusted organization to trick you into providing information. Phishing attacks have picked up steam during the COVID-19 pandemic and are showing no signs of slowing. Fortunately, there are often telltale signs that an email is phishing for your personal information. With a little bit of know-how and healthy skepticism, you can avoid falling victim to an attack.
How To Recognize a Phishing Email
Recognizing a phishing email takes a little bit of effort, but they are easy to spot if you know what to look for.
Many phishing emails are filled with grammatical errors, odd capitalization, and misspellings. The email might also contain odd phrases or sentences that sound a bit off. Read your email aloud. If something doesn’t sound right, be suspicious. It could be a phishing attack.
Phishers will often cut and paste the logos of government agencies, banks and credit card providers in their phishing emails. If the logo is of low quality — it’s fuzzy, indistinct, or tiny — this is a sign that the person contacting you doesn’t really work for that company.
One of the easiest and most effective ways to judge if an email is a phishing email is by verifying the website URL. In your email client, hover your cursor over the link the message is asking you to click. This will display the URL. Often, you’ll see that the URL doesn’t belong to whatever company is supposedly sending you the message. Be careful, though! You never want to click on a link you are unsure of. Hover, don’t click!
Additional Steps to Take
Outside of attention to detail, there are other steps you can take to help protect yourself and your data.
Enabling multifactor authentication on your all your accounts will help protect you from unwanted parties gaining access to your account. It isn’t fool proof, but the phisher will need to obtain more than just a password to be able to access any data or website.
Organizational training is a great way to make sure you and your company have the knowledge to help combat phishing attempts. ProviNET Solutions partners with a company called KnowBe4 for this training. KnowBe4 uses assessments to gauge proficiency in security knowledge.
ProviNET Can Help!
Additionally, ProviNET Solutions has vetted and partnered with several vendors that provide enhanced email security depending on the level of protection desired. Unsure if you need further protection? A member of the ProviNET Solutions Client Care team would love to have a conversation with you to discuss your email security posture, and to determine if there are additional steps you and your organization can take to protect yourself and your organization.