Phishing is a type of digital attack in which threat actors send malicious emails designed to trick users into falling for a scam. The motive behind a phishing campaign is usually to get people to reveal financial information, credentials or other sensitive data. While sending out spam email in bulk is a tactic that is commonly used by phishers in generic, large-scale campaigns, phishers are now shifting in favor of targeted, well-researched attacks. Modern phishing campaigns often employ social engineering, or techniques used to manipulate psychology. These deceptive tactics encourage recipients to act rapidly without stopping to think.

Education and awareness are critical when it comes to phishing protection. Although phishing messages can be highly deceptive and difficult to detect, there are various best practices that you should implement to avoid biting the hook in a phishing attack.

Check for spelling and grammatical errors which can indicate that an email is fraudulent or malicious. Also, keep an eye out for suspicious subject lines and signatures.

If an email appears strange in any way, make a phone call to the sender to confirm the legitimacy of the email.

If you receive an email from a source you know but it seems suspicious, contact that source with a new email, rather than just hitting reply.

Scan all attachments for viruses or dangerous code.

Verify shared links to ensure that they do not lead to fraudulent websites or malicious code.

Think before you act! Take time to evaluate each email you receive before clicking on links or downloading attachments. For example, ask yourself: Does an order confirmation email you’ve received correspond to a recent purchase you have made? Do the sender and recipient addresses make sense?

Want to learn more about protecting yourself from phishing? Get in Touch >>

Sign Up and
Receive a Free

Cybersecurity Awareness Infographic at the End of the Month

CyberSecurity Month