What Is Phishing?

by Wally Moore

on June 25, 2020

in Data Breach

Phishing

A short animated video on Phishing.

Informative, helpful, and worth six-minutes of your time.

Introduction

In April 2019, it was estimated that 293.6 Billion emails were sent around the globe each day. Because it’s such a widely used form of communication, there are those who seek to exploit it. That said . . .

Recognizing and dealing with Phishing Scams is the message of this video.

So, what is Phishing?

Phishing is the act of attempting to manipulate the recipient of a malicious email, into opening and engaging with it. A sender of a malicious email intends to deceive a victim by making the email seem important, and from a reputable source. When it’s opened, it causes harm to the user’s computer or attempts to steal private information such as login credentials.

How Do You Identify Phishing?

With the number of spam emails expected to increase by 190 Billion a day, through 2023, it’s important to spot 5 Tell-tale signs of a fraudulent phishing email.

Tell-tale sign #1 is Confirming Personal Information

Often, you’ll receive emails disguised to look authentic. They might mimic the style of your current company or an outside business, such as a bank or credit card company. It’s crucial you don’t click on or respond to these emails. Before responding, determine the legitimacy of the email, by contacting the organization directly, or searching on the Internet.

Tell-sign #2 is Fraudulent Email And Web Addresses

Phishing emails come from an address that appears to be legitimate. These emails may contain the names of genuine companies and replicated the company’s personal sites or email accounts.

Tell-sign #3 is Grammar

Phishing emails often contain poor grammar. Errors and conflictive sentence structure are common. A legitimate company would have constructed an outbound communication professionally, and checked for spelling errors, and other mistakes.

Tell-sign #4 are Scenarios

Many phishing emails attempt to instill a sense of worry into the recipient. The emails may give a scenario that depends on you entering your credentials to solve it. For example, an email may state that your account will be closed if you don’t enter your personal information and act now. If you’re ever unsure of what an email is asking of you, and why, be sure to contact the company through other methods.

Tell-tale sign# 5 are Attachments

If you receive an email from a random company you do not affiliate with, the attachment might include some malicious malware or virus. Send these emails to your security team instead of attempting to open them yourself. A common example is a “past due” invoice attachment.

Here’s How To Avoid Falling Prey To Phishing

Phishing attacks primarily disguise themselves as trusted organizations and people. Be wary of email titles and phrases such as “your account has been locked,” “update your record,” “email couldn’t be delivered to you,” and unwarranted refunds on taxes or purchases. When in doubt, again, contact the sender or company directly through the official website, or the individual in person. Do not click any of these links or attachments.

Here are 5 Tips On Not Becoming Prey

  • Be Wary Of Links Hover over potential links in emails to verify the legitimacy before clicking on them. Hovering lets you see the link’s full URL, and from there, you can determine if the website is secure and the correct destination before visiting.
  • Anti-Phishing Toolbars Some internet browsers can be fitted with anti-phishing toolbars that run checks on sites before you visit, and compare them to lists of known phishing sites. Because user-added extensions can also be malicious, it’s best to discuss this with your company’s team or Managed Services Provider (MSP) before adding.
  • Verify A Site’s Security URLs that begin with “https” and have a closed lock icon near the address bar are secure websites. This means anything you enter will only be visible to you and the website, but no one in between. One thing to note: “secure” and “not malicious” are two different things. A malicious website can still run https:// so always verify where you are before entering any information.
  • Don’t Send Private Information Via Email Email travels across the globe in plaintext or non-encrypted form. This means it is not secure from attackers, positioned to read emails as they travel across the Internet. Never send highly-confidential information (such as social security numbers, credit card numbers, bank account numbers) through email. You should only communicate secure information such as usernames, passwords, or banking information vis a secure website or over the phone.

Conclusion

Since email is the main form of business communication, it poses different threats to organizations and individuals. The best way to avoid and protect yourself from an attack is awareness and education.

Use a program specifically designed to simulate phishing attacks, and provide in-depth security campaigns from ID Agent and DTS InfoTech. It will reduce your risk of falling victim to a scam through employee educations. Plus, employees never leave their desks for the training.

Here at DTS InfoTech, we have partnered with ID Agent to provide our customers with a comprehensive set of threat intelligence and identity monitoring solutions. We have reprinted this article with their permission, to access the original article download it here.

Thanks for watching!

If you would like more information, please give us a call, we’re always happy to chat, and the call is FREE! Calls are always free.

Return to: IT Services

Dedicated to your success,

Wally Moore

Business Development Manager

dts|infotech . . . secure computer networks that work

503.359.1275

www.dtsinfotech.com

GET HELP NOW