Back to top

Encompass® Agency Insights & Articles



Quick Tips to Spot Phishing Communications in Your Business

Phishing is the practice of trying to get people to reveal their personal information by sending them fraudulent emails that pretend to be from a legitimate company or contact. These emails contain links to malicious websites or have attachments that, once downloaded, install malware. And although most of us have heard of phishing by now, statistics from the Verizon 2018 Data Breach Investigations Report show that on average, four percent of people targeted by phishing campaigns still fall prey to them.

A man viewing a phishing alert on his PC screen.

So, what does this mean for your company? Well, if even one of your employees clicks on a malicious link or downloads an attachment from a phishing email, hackers could gain access to your network and data — with potentially devastating consequences to your business. To help prevent this from happening, here are some quick tips to spot phishing emails:

  • Double-check that communications are authentic. According to CSO, some of the most successful phishing campaigns use emails that look like something you're expecting, such as a shipping confirmation or a document from HR. Always double-check that these emails are really from the person, department or company they say they're from.
  • Be wary of emails pretending to be from a government agency. The IRS advises that cybercriminals are posing as government officials to intimidate people. However, no government agency will ever ask for your sensitive data by email. Again, when in doubt, call to check the authenticity of the email.
  • Hover over links before clicking on them. Cybercriminals often use domain names that look like those of real companies but are off by one or two letters. If there's a link in an email, you can hover over it to see the actual URL pop up.
  • Be alert to spelling and grammar mistakes. As CNET points out, many phishing scams that originate from outside the U.S. contain spelling errors and bad grammar.
  • Use anti-virus software to your advantage. Some anti-virus software programs offer features that automatically scan email attachments for malware or alert you to malicious websites.
  • Look out for fake landing pages. According to Small Business Trends, if you click on a link to a fraudulent website, you'll usually see a basic page without a header or a footer but that contains a form to collect your information.

Now that you know how to spot phishing communications, it's crucial to pass this knowledge on to your employees. This will help you protect your business from phishing scams. And since these scams are continuously evolving, the greater your online vigilance, the better off your business will be. Ultimately, if anything seems a bit off about an email, it's always smart to not open it and instead seek advice from whomever is in charge of your IT.


A group of Encompass agents

Customer Centric. Agent Focused.

Our simple, tailored approach to coverage offers powerful benefits to you and your clients.

Become an Agent

The general information contained in The Encompass Blog is provided as a courtesy, and is for informational and entertainment purposes only. The contents of this website are subject to periodic change without notice. Information provided on The Encompass Blog is not intended to replace official sources. Although attempts will be made to ensure that the information is accurate and timely, the information is presented "as is" and without warranties. Information contained on The Encompass Blog should not be mistaken for professional advice. Information contained herein should not be considered error-free and should not be used as the exclusive basis for decision-making. Use of website information is strictly voluntary and at the user's sole risk. We encourage you to obtain personal advice from qualified professionals when making decision regarding your specific situation.

Other resources linked from these pages are maintained by independent providers. The Encompass Blog does not monitor all linked resources and cannot guarantee their accuracy. Statements, views and opinions included in an independent provider's material are strictly those of the author(s). These views may not necessarily represent the opinions or policies of The Encompass Blog, the Encompass family of companies or its agents, officers or employees.

ECC Monitor: OK