We’ve all heard of phishing, whether in an article about ransomware attacks, a lecture about HIPAA precautions, or a news headline about your favorite celebrity. We all know phishing can do a lot of damage and that we must protect ourselves and our companies from it. But what is phishing? Phishing is the sending of fraudulent emails that attempt to steal information such as personal identification, passwords, credit card, bank information, etc. Your information is valuable, and there are corporations willing to pay for it. That means that there will always be others trying to steal it. Clicking a link, opening an attachment, or even logging into your email through a phishing email can have disastrous ramifications. Most ransomware attacks (such as the pipeline hack that has been in recent news) begin with a simple phishing attack.
If phishing is so dangerous, what do we do about it?
The most effective defense against phishing is knowledge. Know that phishing is very real and very dangerous and learn how to identify and deal with it. Right now, we’ll quickly talk about how you can screen emails for phishing on your own, and in next week’s blog, Charles will talk about how to utilize anti-phishing tools, such as Ironscales.
Often, phishing emails are well-disguised and very tricky to differentiate from real emails. But, there are a few tactics that phishers use to lure users into revealing information.
Phishing emails often demand immediate action or create a panic in the user. Maybe an email claims that you have been hacked and need to do an immediate password reset by clicking a link. Stop and think! Can you reset that password by going to the website directly? Do that instead.
Phishers also change minute details in emails that are easy to miss if you’re in a rush. Check for small irregularities like a misspelling in an email address or incorrect grammar. Oftentimes the bodies of these emails have been either copy and pasted from somewhere else or written by someone for whom English is not their first language. If the syntax of the email sounds off or you see multiple fonts used throughout the email, you are most likely looking at a phishing attempt.
What to do?
Don’t fall for phishing because you’re panicked or in a rush. If you’re worried about phishing or you need more protections, call us!