The Phishing is perhaps the biggest threat to cyberspace in more than five years. For this reason, all the users and especially the Employees should be very careful and recognize the signs of a phishing attack.
Anyone can be a target for criminals.
Given the number of phishing attacks that occur daily, all users should consider any email they receive as suspicious.
While this may sound extreme, it is important to become one careful check of the email to verify its authenticity.
There are many signs that an email is a phishing attempt.
Let's look at some of the most common:
If the domain name matches the sender, then the message is probably legitimate. However, having the company name anywhere in the email is not enough to consider an email secure.
The way it is written e-mail
The way the supposed sender speaks is very important. If a partner or client suddenly speaks very familiar or a close friend uses official language, this should raise suspicions.
When we communicate with an acquaintance we know the language he uses and the way he speaks. Therefore, it is easy to perceive any change.
Spelling, grammar or syntax errors
Spelling, grammar or syntax errors are indications of phishing. Most legal Companies pay attention to the way they write and spell check the emails they send.
Therefore, erroneous emails should raise suspicions, as they may not come from the sender that appears in the email.
Inconsistencies in web addresses
When you receive a message, it's good to compare addresses emails, links and domain names with addresses in previous communications.
Also, recipients should always place the mouse pointer on a link before clicking on it, to see its true destination.
Most phishing emails create a sense of urgency. They call on the victim to respond quickly to their request, hoping that they will not spend too much time checking the email.
If an email asks for something unusual, then the users should be very careful.
For example, an employee of a company may receive an email from an IT company regarding the installation of software. The recipient of this email should be someone from her IT department company. If any other employee receives the email, then something is probably wrong.
Attachment file or link
Phishing emails usually include attachments or links that try to infect the victim's device or steal personal information.
Request for supply credentials or personal information
Legitimate companies do not personally request data and passwords via emails, so this should immediately catch the eye.
Legitimate companies usually address users by their name while in phishing emails, general greetings are used, such as "Dear Member", "Dear Account Holder" or "Dear Customer".
The above shows that there is a great need to take some protection measures. Let's look at some of them:
- Use email spam filters
- Protect devices with anti-virus software and regular software updates
- Use a unique password access for each of the online accounts.
- Multi-factor authentication application
- Make copies security
Business-specific protection measures:
- Inform staff about new threats and training with phishing trials attacks.
- Monitoring and protection of endpoints.
- Restrict access to important systems (access to systems only those who absolutely need it should be of the utmost importance).
- Network segmentation
If users and organizations take the above measures, they can be highly protected.
Beyond that, the only sure effective method protection one of the phishing emails is to not open any emails.
This, however, could not be done since it is one of the most common methods of communication especially in the workplace. So once someone is forced to open an email, they should check for all the signs mentioned before, and if it finds something suspicious, it should neither reply nor open a possible link or attachment.
Alternatively, it should be done scan the attachment for viruses.
If in doubt, the user should to call at phone the alleged sender to confirm the email request before doing anything.
Finally, if the e-mail seems strange and comes from a complete stranger, maybe it should be deleted directly, without even being opened.
The success rate of phishing attacks is very high. So we all need to be vigilant.