Phishing is the practice of trying to get people to reveal their personal information by sending them fraudulent emails that pretend to be from a legitimate company or contact. These emails contain links to malicious websites or have attachments that, once downloaded, install malware.
So, what does this mean for your company? Well, if even one of your employees clicks on a malicious link or downloads an attachment from a phishing email, hackers could gain access to your network and data — with potentially devastating consequences to your business. To help prevent this from happening, here are some quick tips to spot phishing emails:
- Double-check that communications are authentic. According to CSO, some of the most successful phishing campaigns use emails that look like something you're expecting, such as a shipping confirmation or a document from HR. Always double-check that these emails are really from the person, department or company they say they're from.
- Be wary of emails pretending to be from a government agency. The IRS advises that cybercriminals are posing as government officials to intimidate people. However, no government agency will ever ask for your sensitive data by email. Again, when in doubt, call to check the authenticity of the email.
- Hover over links before clicking on them. Cybercriminals often use domain names that look like those of real companies but are off by one or two letters. If there's a link in an email, you can hover over it to see the actual URL pop up.
- Be alert to spelling and grammar mistakes. As CNET points out, many phishing scams that originate from outside the U.S. contain spelling errors and bad grammar.
- Use anti-virus software to your advantage. Some anti-virus software programs offer features that automatically scan email attachments for malware or alert you to malicious websites.
- Look out for fake landing pages. According to Small Business Trends, if you click on a link to a fraudulent website, you'll usually see a basic page without a header or a footer but that contains a form to collect your information.
Now that you know how to spot phishing communications, it's crucial to pass this knowledge on to your employees. This will help you protect your business from phishing scams. And since these scams are continuously evolving, the greater your online vigilance, the better off your business will be. Ultimately, if anything seems a bit off about an email, it's always smart to not open it and instead seek advice from whomever is in charge of your IT.