The main reason phishing scams have become such a prevalent problem is that they work. And hackers keep finding new ways to increase the success rate even further. What used to be easily distinguishable attempts at stealing information have now become brilliant scams that look valid at first glance.
However, this doesn’t mean that phishing attacks always work. All that’s needed is for everyone to stay vigilant with online communications and ensure they know what to look for to identify a phishing scam. Here are some of the most important signs you should look out for.
Fake Email Address
Very few people stop to look at the sender’s address when they get an email. Most of the time, employees will glance at the subject line and check the message. If recipients checked the validity of the sender’s email address, it might prevent most phishing attacks.
Amateur cybercriminals might use free email accounts like Gmail or Yahoo to send a phishing scam. Major players, however, use email domains that look just like the real ones. For instance, if you get an email from email@example.com rather than firstname.lastname@example.org, you’d better be wary.
Hackers will try to distract from their incorrect domains by changing the display name to match a safe name. Display names are easy to change and are used to gain trust with a hacker’s chosen victim. Be careful to confirm that the display name meant to garner your trust matches the correct email address!
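The display-name check described above can also be automated at the mail gateway or in a reporting tool. The following Python is an added example, not part of the original article; the KNOWN_SENDERS table, the warning codes and the sample headers are assumptions constructed for illustration.

```python
import re
from email.utils import parseaddr

# Assumption: names your organisation recognises, mapped to the domains they
# really send from. Every value below is constructed for this example.
KNOWN_SENDERS = {
    "example bank": {"examplebank.test"},
    "it help desk": {"corp.test"},
}
FREE_MAIL = {"gmail.com", "yahoo.com"}
ADDR_IN_NAME = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def _matches(domain, allowed):
    # Exact domain or a true subdomain; "examplebank.test.evil.test" fails.
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_from_header(value):
    """Return the list of warning codes for one From: header value."""
    display, addr = parseaddr(value)
    if "@" not in addr:
        return ["unparseable-address"]
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    name = " ".join(display.lower().split())
    findings = []
    # A trusted name shown to the reader, but sent from a domain it does not own.
    if any(k in name and not _matches(domain, a) for k, a in KNOWN_SENDERS.items()):
        findings.append("display-name-domain-mismatch")
    # The display name itself shows an address on a different domain.
    m = ADDR_IN_NAME.search(name)
    if m and m.group(1) != domain:
        findings.append("address-in-display-name-differs")
    # Free webmail only matters once the name has already raised a flag.
    if findings and domain in FREE_MAIL:
        findings.append("free-mail-sender")
    return findings

SAMPLES = [  # constructed From: headers
    "Example Bank <alerts@mail.examplebank.test>",
    "Example Bank Security <alerts@examplebank.test.account-verify.test>",
    '"IT Help Desk" <ithelpdesk.corp@gmail.com>',
    '"billing@examplebank.test" <billing@invoice-portal.test>',
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_from_header(header) or "ok")
```

An empty result only means the display name and the address agree; it says nothing about whether the sending domain itself is trustworthy.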
Inconsistencies in Writing Style
If the style of writing is suspiciously different from what you have been getting from what appears to be the same sender, this can be a sign of a phishing hook. Also, some countries use different date formats. If date formats are not what you are used to, that’s also one sign. If any requests don’t match your normal expectations, you should double-check them. Be cautious of emails that try to instill a sense of urgency and demand a fast response. What a suspect email asks for, and how it asks, can be key indicators of a phishing scam. When in doubt, it never hurts to double-check through another communication method.
Errors in Grammar and Spelling
Official emails get checked for grammar and spelling mistakes or go through basic spellcheck. A few minor typos and one or two misspellings are forgivable, but an email with blatant errors, especially if it is supposed to be from a reputable company, is a good sign of a phishing scam. It’s likely because the hacker used an automated language translator to mass produce the message for potential victims.
You should never open attachments unless you are expecting them or can confirm with the actual sender that they were indeed intended for you. Otherwise, don’t open them, no matter how legitimate the filename might look. It’s likely these attachments are loaded with malware that will unleash itself on your system once you click on them.
No one would knowingly click on a fake link, but these phishing emails are made to look so real. To check whether links are valid or not, hover over them and read the URL, particularly the domain name. If it seems questionable, that’s because it probably is. Delete the email and don’t give it a second look. Even if a link looks safe, going to a site directly through a web browser rather than through a link can be an extra safeguard.
Teaching Phishing Scam Signs
There is no 100% guarantee of protection against phishing attacks, but looking out for these telltale signs is an excellent first step. As a business owner, be sure that all your employees know these signs and that you have properly trained them on the critical security measures against online threats. For more about these threats and what you can do to protect your business, start your new Employee Training today.
It’s time to take cybersecurity seriously. Call us and let’s protect your business today.