094 90 48200     Get SUPPORT

Aniar IT Services Blog

Tip of the Week: How to Avoid Phishing Scams

Tip of the Week: How to Avoid Phishing Scams

For many businesses, email plays a crucial role in the dessemination of information. Whether it is simply interacting with clients or pushing directions to individuals, email is a simple and efficient way to communicate. One problem that organizations are running into is that individuals are being inundated with social engineering messages called phishing. This strategy is causing major operational problems for businesses, from malware to data breaches to extended downtime. For this week’s tip, we identify what exactly phishing is and how it is used to the detriment of many businesses and other organizations.

What Exactly Is Phishing?

The practice of phishing is not new. It has been used for much of the past decade. The strategy goes like this: hackers use deception to get a user to provide their own credentials, thus giving them unknowingly to the hacker. The hacker then accesses the account legitimately (as the user) and has free reign over the entire account. Sometimes they will go in and siphon data and sometimes they will hijack the entire account, but regardless of the hacker’s intentions a successful phishing attack is a successful transfer of power over an account. 

What’s worse is that you can get phished in multiple mediums. Email is the predominant channel where phishing attacks are carried out, but people can (and do) get phished over social media, instant message, or via text message. There are even phone-based or snail mail phishing attacks that direct users to go to a fake website where they would provide their credentials and/or personal information. 

There are even different forms of phishing based on their intended targets. The general strategy behind traditional phishing attacks is to send emails out to as many people as possible, hoping to snare unwitting recipients into their phishing nets. Today, with more personal information available about people, there is phishing that targets individual people. This is called a spear phishing attack. Then there are spear phishing attacks that are carried out against business and organizational leaders. These are called whaling attacks. The intended imagery aside, phishing attacks are getting more direct, more deceitful, and more serious. 

Spotting Phishing

For all of the bad news surrounding phishing attacks, there is some undeniably good news: with a critical eye, you can tell when you are being phished. You aren’t going to fall for these types of attacks if you know what to look for. Today, we’ve put together a short guide on how to determine if you are dealing with a phishing attack and how to proceed when you are.

Look for Warning Signs

There are a litany of warning signs that will help you spot a phishing attack. Most of them are pretty obvious, and some of the more subdued ones come with telltale signs. 

Does the message have spelling and grammar mistakes? 

Not many businesses will send out official correspondence with grammar and spelling mistakes. This should be the first sign that something is amiss. Most phishing messages come from supposedly-reputable organizations and while a spelling or grammar mistake does happen from time-to-time, several mistakes won’t happen.  

Does the message deal with curious circumstances? 

One of the biggest telltale signs that you are dealing with a phishing attack is the tone of the message that is received. Does the message reference immediate situations that need to be remedied? Does it mention money or illicit a sense of fear or anxiety? If it has these elements, it’s probably not legitimate. Think about it: most organizations that need you to act immediately will have specific ways of contacting you and that correspondence will make it clear that you are dealing with a legitimate organization.

Does this message have a trusted URL?

Most phishing attacks will redirect to a website that is set up by the hacker. You probably shouldn’t be clicking on any links sent to you in an email unless you are sure who sent the email. One way to determine whether or not a link is from a reputable source is to mouse over the link and see where the link goes. If you get an email from Amazon and the link goes to amazorn.com, you are staring at a phishing email.

Protecting Your Assets

There are a couple simple ways to ensure that you or a member of your staff doesn’t fall for phishing attacks:

  • Use technology. A spam blocking filter on your email will go a long way towards removing unnecessary and potentially-malicious emails from hitting employee inboxes in the first place.

  • Training. Make sure your employees are trained to spot and properly handle attempts that may come through. By starting with the end user, you’re taking away a lot of the power that phishing has.

At Aniar IT Services, we appreciate the importance of secure workplace practices. If you’d like to learn more about phishing, and how we can help stop it from hurting your business, reach out to us at 094 90 48200 .

IT Trends SMBs Should Focus On in 2020
Social Engineering Isn’t Going Away
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, February 21 2020

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Business Computing Best Practices Privacy Cloud Productivity Email Innovation Workplace Tips User Tips Microsoft Network Security Hosted Solutions Internet Data Hackers Software Google Efficiency IT Support Tech Term Data Recovery Smartphones Data Backup Hardware Mobile Devices Cybersecurity Communications Communication IT Services Windows 10 Managed IT Services Small Business Gadgets Android Phishing Cloud Computing Business Malware VoIP Computer Users Smartphone Collaboration Backup Mobile Device Artificial Intelligence Outsourced IT Network Business Management Miscellaneous Saving Money Internet of Things Server Windows Business Continuity Browser Facebook Upgrade Spam Information BDR How To Managed Service Office 365 Router Social Media Chrome Paperless Office Passwords Windows 7 BYOD Holiday Word Cybercrime Computers Applications Data Breach Managed IT Encryption Data Storage Two-factor Authentication Infrastructure Save Money Staff Blockchain Vulnerability Apps Telephone System Automation Operating System Microsoft Office Data Protection Patch Management Display Ransomware Remote Monitoring History Quick Tips Connectivity Settings Data Security Money Virtualization Mobile Device Management Fraud Scam Virtual Assistant Wi-Fi Human Resources Update Business Intelligence Keyboard Content Management Botnet Augmented Reality VPN Spam Blocking Password Bandwidth Disaster Recovery Bring Your Own Device Education Managed Services Provider Government Servers Managed IT services Redundancy Voice over Internet Protocol IT Management App Telephone Systems Vendor Help Desk Meetings Social Engineering Google Drive Avoiding Downtime Big Data Machine Learning Digital Signage Website Identity Theft Cryptocurrency Training Software as a Service Comparison Private Cloud IT Plan OneNote Google Docs Sports Networking Access Control Law Enforcement Unsupported Software Processor Telephony CES Document Management Camera Investment Printing HaaS Recycling Devices Smartwatch Wiring Business Technology Computer Fan Virtual Reality Professional Services Windows Server 2008 Enterprise Content Management Authentication Mobility Data loss Vendor Management Cache Proactive IT Software Tips Managed IT Service HBO Practices Search Engine Hard Drive Development Project Management Telecommuting Amazon Printers ROI Personal eWaste Thought Leadership Health 5G Firewall FENG Cabling Fiber Optics Computer Care Password Management Social Cortana Alert Saving Time MSP Wireless Internet Net Neutrality Outlook Charger Hosted Computing Bing Messaging Skype Bitcoin Travel Remote Work The Internet of Things Amazon Web Services Entertainment Accountants Warranty GDPR Digitize Hacker Legal Employee Work/Life Balance Unified Threat Management Cables Trend Micro Password Manager NIST Nanotechnology Procurement Tools HIPAA File Sharing USB ISP Solid State Drive OLED Using Data Frequently Asked Questions Recovery Wireless Charging HVAC Inventory SMS Start Menu Batteries Printer Downtime Remote Computing IT Assessment Sync Multi-Factor Security Criminal Compliance Windows 10s Millennials Digital Signature Mobile Computing Default App Shopping WiFi Business Mangement Smart Tech Screen Mirroring Employee/Employer Relationship Electronic Medical Records Wire Cryptomining Audit Physical Security Biometric Security Information Technology Excel Google Apps Employer-Employee Relationship Virtual Machine Virtual Private Network Online Shopping YouTube Mouse Root Cause Analysis Windows Server 2008 R2 OneDrive Addiction Google Search Value Workforce Credit Cards Smart Office PDF IT Infrastructure Social Network Flash Gmail Safe Mode Security Cameras Cast Wireless Data Management Remote Worker Database Manufacturing Computing Tip of the week Workers Shortcuts Hypervisor Specifications Save Time Public Cloud Remote Workers Evernote Cleaning Microchip Copiers Trending Public Speaking Search Presentation Managing Stress Lithium-ion battery CrashOverride Wireless Technology Tech Support Emergency IBM Personal Information Safety Productivity Managed Service Provider Marketing Budget Customer Relationship Management Hiring/Firing Financial Competition IP Address Twitter Fun Customer Service Mobile Office Regulation Domains Windows 10 Company Culture Hard Drives