October is Cybersecurity Awareness Month and we’re shining a light on phishing e-mails. One way to protect your company is by educating your employees about how to handle incoming communications and then taking bigger steps toward protecting your systems from these scams.
Phishing, the act of sending out e-mails that are meant to appear to be from a reputable company to gain personal information, is used by 65% of all known groups who carry out cyber-attacks. And while these scams have been going on since the mid-90’s the practice has only become more prevalent as our world becomes more and more reliant on technology.
83% of organizations and businesses said they experienced phishing attacks in 2021.
That’s a 7% increase since 2017. And it’s not just large companies these criminals are attacking. The FBI says that phishing is the third most common type of scam reported to them, regardless of a company’s size, industry, or location.
While scammers are constantly updating their tactics, some components stay the same. Having your employees be able to identify a phishing scam is one way to keep your company safe. With 97% of people saying they can’t even identify a phishing scam, Pulse Technology is here with some helpful tips.
- Check the sender’s e-mail address. You’ll often be able to verify a phishing e-mail by simply looking at the portion after the @ symbol. Go to the company’s website to verify the domain (the portion after the @) to see if they match.
- Be aware of when the message was sent. If it is sent outside of normal business hours, especially if it’s in the middle of the night, you may be getting a phishing e-mail from a fake company in a very different time zone. *This may be different for companies working internationally.
- It just doesn’t sound right. Often fraudulent e-mails contain grammatical and/or spelling errors. You’ll also want to analyze the content. Many questionable e-mails will tell a story to entice you to open the link or attachment. They may also ask for personal information. A reputable company will never ask for sensitive information via e-mail.
- The URL isn’t legit. Simply by hovering over (not clicking!) on the provided link you’ll be able to see where that URL would lead you. If the domain name on that link doesn’t seem right, it’s probably not!
- Be suspicious of all attachments. A bad attachment can expose you to malware and could even lead to ransomware. If you aren’t confident about the sender or content of the message, have your IT provider check it out.