Phishing and other fraudulent messages were the most common cybercrime in 2020 with over 200,000 reports, according to the U.S. Federal Bureau of Investigation (FBI), Internet Crime Report 2020. Approximately 90% of data breaches occur from clicking links in scam phishing emails.
Cyber attacks, including phishing emails, tend to get worse during the holiday season, especially in the days leading up to Christmas. It’s important to recognize and protect yourself against these attacks.
What is phishing?
Phishing is fraudulent communication that mimics a trustworthy source in order to steal data or personal information. This communication can come in the form of phone calls, SMS messages, and most commonly, emails. These emails will often include links to fake websites or include attachments that are infected with malware. Scammers will use these links to obtain information like credit card numbers, passwords, and even your social security number.
Recognizing phishing emails
Since phishing emails are so common, it’s almost impossible to avoid them altogether. Instead, it’s important to recognize the common signs of phishing emails so you can take the proper steps.
Look for these common signs in phishing emails:
Many phishing emails will not be addressed to you. Instead, these emails might use generic greetings like “Hello, customer” or use no name at all.
Remember, if a company truly needs to contact you, they will know your name!
Phishing emails typically try to create a sense of urgency surrounding an issue to make you act faster – and carelessly. They might claim an issue with your account and request you to sign in through a link. Don’t click that link! If you believe there is a legitimate reason for concern, go directly to the website to sign in or contact the company through an official form of communication.
Links in phishing emails may be misspelled, jumbled, or just entirely out of context. Hyperlinks may not go to the location they imply. Be mindful of clicking on unknown links.
Tip: Hovering over a hyperlink will show you the actual link location.
Phishing emails will sometimes include attachments. These may contain malware. Don’t download any attachments unless you’re 100% sure they are safe!
Always check the email address of the sender. Sometimes, the domain won’t match the company the email is from. Other times, the email address might be misspelled. The email address may also be a string of random letters. Whether the email address is obviously fake or it’s simply an address you don’t recognize, if it seems suspicious, proceed with caution.
One of the most common indicators of a phishing email is poor grammar. Most large organizations will have a team proofreading any emails before sending them. Also, keep an eye out for words or phrases that are misspelled the same way every time it appears in an email.
Protecting Your Data
Spam filters usually take care of phishing emails, but they still might make their way to your inbox.
If you do receive a phishing email, don’t click any links or download any attachments! You can also report phishing emails to help stop them in the future. Forward the email to the Anti-Phishing Work Group at [email protected] and report fraudulent emails to the Federal Trade Commission.
If you think you downloaded malware or clicked a suspicious, make sure to update your software immediately, change any affected passwords and back up your data. If you believe a scammer has access to your personal information, help is available on IdentityTheft.gov.
Dealing with phishing email scams can seem overwhelming, but tech42 is always here for you. We want to keep your team up to date on the latest phishing scams and how to protect yourself against them. We partner with KnowBe4 to offer training against phishing attacks so your team is prepared to fend off phishing attacks. Our team also works around the clock to keep your data safe and secure so you can enjoy the holidays.