Tuesday, 19 April 2022

Phishing (cyberattacks topic 2)

Phishing occurs when hackers pose as a trusted figure and use carefully crafted emails to trick you into visiting a malicious website, downloading a corrupt file, or handing over your password, then use that information to gain access to a business network or your personal information. One of the most common ways phishing occurs is by using the art of storytelling to entice users to interact with a link or attachment.

These could include tactics such as:

Including a fake invoice

Asking you to confirm your personal information

Claiming there’s a problem with your account or payment information

Notifying you of suspicious activity or log-in attempts

Asking you to click a link to submit a payment

Spot An Attack:

The best way to avoid a phishing scam is to learn the different types of phishing attacks a user can experience. Hackers often have more success phishing employees because they spend the majority of their day clicking on links and downloading files for work. Here are a few examples of misleading information scammers use to entice users to interact with their emails: 

Fake shipping or delivery notifications

Fake purchase confirmations & invoices

Requests for personal information

Promises of attractive rewards

Charity or gift card scams

Use of urgent or threatening language

Unexpected emails

These are just a few ways that a scammer will try to trick you into clicking a link or opening a dangerous attachment. You always want to pay attention to a few key details when trying to determine if an email is safe or not.

Look at factors like:

Who is sending the email- If you don’t immediately recognize the sender, you’ll want to see if the person or business name is spelled correctly. Another way to identify a suspicious sender is to check whether there is a bunch of random characters instead of a clear email address.

Who is the intended recipient?

Hackers can target recipients within your organization who could have access to private company details. If you are a person who manages confidential information like finances, customer data, or intellectual property, please be aware that you are a prime target for hackers.

Subject Line- Always examine the subject line of an email before opening or responding to it. Grammar errors or misspellings in an email from an accredited business or institution are often a clear indicator of a suspicious email.

Any suspicious links or attachments- Phishing emails often include outbound links that will redirect you to a page that is broken or not a true URL. Hover over any links in the email and see if they look legitimate. If you don’t recognize the link, don’t click it.

The type of content in the email – Examine the overall tone of the email. You should always read the content for clarity and grammar before responding or engaging with an email.
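As an added example (not part of the original post), here is how two of the checks above, the random-looking sender address and the link whose visible text hides a different destination, could be automated for a raw message. The names `review_email`, `LinkCollector` and `host`, the four-digit threshold and the sample message are assumptions made for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE = """\
From: "Accounts Payable" <xk7q92hd81zz@mail-billing.example>
Subject: Problem with your payment information
Content-Type: text/html; charset="utf-8"

<p>Submit payment at <a href="http://pay.login-check.example/i">www.yourbank.example</a></p>
"""  # constructed sample message, not a real email

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a> tag
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def host(value):
    """Hostname of a URL or bare domain, lower-cased, without 'www.'."""
    try:
        parsed = urlparse(value if "://" in value else "http://" + value)
    except ValueError:  # malformed URL: treat as having no usable host
        return ""
    return (parsed.hostname or "").lower().removeprefix("www.")

def review_email(raw):
    """Return warning strings for one raw message (thresholds are assumptions)."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    addr = parseaddr(str(msg.get("From", "")))[1].lower()
    if sum(c.isdigit() for c in addr.partition("@")[0]) >= 4:
        findings.append(f"sender address looks random: {addr}")
    part = msg.get_body(preferencelist=("html", "plain"))
    links = LinkCollector()
    links.feed(part.get_content() if part else "")
    for href, shown in links.links:  # compare only when the text is one URL-like token
        shown_host = host(shown) if len(shown.split()) == 1 and "." in shown else ""
        if shown_host and shown_host != host(href):
            findings.append(f"link text shows {shown_host} but goes to {host(href)}")
    return findings
```

Calling `review_email(SAMPLE)` returns one warning for the sender and one for the link; a message whose link text and destination share the same host returns an empty list.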

Don’t forget that as we all continue to work from home it’s extremely important for the safety of you and your company’s information that you don’t open any suspicious or unwanted emails.

How To Protect Yourself From Phishing Attacks

While we would love to think that our email provider is perfect and will automatically filter out any suspicious or unwanted emails, that’s not always the case. Scammers have gotten better at outsmarting the spam filters, which makes it easier for them to make their way to your inbox. It’s always a good idea to have a few extra layers of protection to prevent phishing attacks.

Think before you click on any links!

Make sure your computer’s security software is up-to-date.

Do not share personal or financial information via links found in emails.

Protect your accounts by using multi-factor authentication.

Be cautious and avoid clicking on pop-up dialog boxes.

Your company can provide all the warnings and corporate training possible, but if you don’t take the steps to identify and recognize phishing as it happens, you could jeopardize the safety of your private information.

What To Do If You Suspect A Phishing Attack

If you suspect that you have been the victim of a phishing attack, especially if you have been using a work computer or email address, notify your IT department immediately. is to always keep your information safe and secure from scammers.
