094 90 48200     Get SUPPORT

Aniar IT Services Blog

Tip of the Week: How to Avoid Phishing Scams

Tip of the Week: How to Avoid Phishing Scams

For many businesses, email plays a crucial role in the dessemination of information. Whether it is simply interacting with clients or pushing directions to individuals, email is a simple and efficient way to communicate. One problem that organizations are running into is that individuals are being inundated with social engineering messages called phishing. This strategy is causing major operational problems for businesses, from malware to data breaches to extended downtime. For this week’s tip, we identify what exactly phishing is and how it is used to the detriment of many businesses and other organizations.

What Exactly Is Phishing?

The practice of phishing is not new. It has been used for much of the past decade. The strategy goes like this: hackers use deception to get a user to provide their own credentials, thus giving them unknowingly to the hacker. The hacker then accesses the account legitimately (as the user) and has free reign over the entire account. Sometimes they will go in and siphon data and sometimes they will hijack the entire account, but regardless of the hacker’s intentions a successful phishing attack is a successful transfer of power over an account. 

What’s worse is that you can get phished in multiple mediums. Email is the predominant channel where phishing attacks are carried out, but people can (and do) get phished over social media, instant message, or via text message. There are even phone-based or snail mail phishing attacks that direct users to go to a fake website where they would provide their credentials and/or personal information. 

There are even different forms of phishing based on their intended targets. The general strategy behind traditional phishing attacks is to send emails out to as many people as possible, hoping to snare unwitting recipients into their phishing nets. Today, with more personal information available about people, there is phishing that targets individual people. This is called a spear phishing attack. Then there are spear phishing attacks that are carried out against business and organizational leaders. These are called whaling attacks. The intended imagery aside, phishing attacks are getting more direct, more deceitful, and more serious. 

Spotting Phishing

For all of the bad news surrounding phishing attacks, there is some undeniably good news: with a critical eye, you can tell when you are being phished. You aren’t going to fall for these types of attacks if you know what to look for. Today, we’ve put together a short guide on how to determine if you are dealing with a phishing attack and how to proceed when you are.

Look for Warning Signs

There are a litany of warning signs that will help you spot a phishing attack. Most of them are pretty obvious, and some of the more subdued ones come with telltale signs. 

Does the message have spelling and grammar mistakes? 

Not many businesses will send out official correspondence with grammar and spelling mistakes. This should be the first sign that something is amiss. Most phishing messages come from supposedly-reputable organizations and while a spelling or grammar mistake does happen from time-to-time, several mistakes won’t happen.  

Does the message deal with curious circumstances? 

One of the biggest telltale signs that you are dealing with a phishing attack is the tone of the message that is received. Does the message reference immediate situations that need to be remedied? Does it mention money or illicit a sense of fear or anxiety? If it has these elements, it’s probably not legitimate. Think about it: most organizations that need you to act immediately will have specific ways of contacting you and that correspondence will make it clear that you are dealing with a legitimate organization.

Does this message have a trusted URL?

Most phishing attacks will redirect to a website that is set up by the hacker. You probably shouldn’t be clicking on any links sent to you in an email unless you are sure who sent the email. One way to determine whether or not a link is from a reputable source is to mouse over the link and see where the link goes. If you get an email from Amazon and the link goes to amazorn.com, you are staring at a phishing email.

Protecting Your Assets

There are a couple simple ways to ensure that you or a member of your staff doesn’t fall for phishing attacks:

  • Use technology. A spam blocking filter on your email will go a long way towards removing unnecessary and potentially-malicious emails from hitting employee inboxes in the first place.

  • Training. Make sure your employees are trained to spot and properly handle attempts that may come through. By starting with the end user, you’re taking away a lot of the power that phishing has.

At Aniar IT Services, we appreciate the importance of secure workplace practices. If you’d like to learn more about phishing, and how we can help stop it from hurting your business, reach out to us at 094 90 48200 .

IT Trends SMBs Should Focus On in 2020
Social Engineering Isn’t Going Away


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, April 08 2020

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Business Computing Best Practices Productivity Privacy Cloud Innovation User Tips Workplace Tips Email Internet Microsoft Hosted Solutions Data Software Network Security Efficiency Hackers Data Backup Hardware Data Recovery IT Support Google Tech Term Communication Smartphones Mobile Devices VoIP Small Business IT Services Cybersecurity Managed IT Services Windows 10 Communications Computer Phishing Cloud Computing Collaboration Gadgets Android Business Malware Users Backup Network Mobile Device Artificial Intelligence Smartphone Outsourced IT Business Continuity Windows Internet of Things Business Management Miscellaneous Saving Money Information Server Browser BDR Facebook Upgrade Spam Chrome How To Managed Service Router Office 365 Social Media Holiday Passwords Word Cybercrime Paperless Office Microsoft Office Applications BYOD Windows 7 Disaster Recovery Blockchain Computers Automation Data Protection Patch Management Networking Data Storage Two-factor Authentication Data Breach Ransomware Apps Save Money Vulnerability Connectivity Money Operating System Telephone System Managed IT Encryption Human Resources Infrastructure Display Remote Monitoring Staff Bandwidth Settings History Virtualization Quick Tips Data Security Mobile Device Management Telephone Systems Unsupported Software Wi-Fi Social Engineering Processor HIPAA Avoiding Downtime Virtual Assistant Identity Theft Augmented Reality Business Technology Spam Blocking Comparison Google Docs Bring Your Own Device Sports Education Managed Services Provider IT Management Access Control Servers Law Enforcement Telephony App CES Meetings Fraud Big Data Scam Vendor Website Update Google Drive Help Desk Business Intelligence Digital Signage Keyboard Machine Learning Content Management Botnet VPN Cryptocurrency Training Private Cloud IT Plan Password Software as a Service Government Managed IT services OneNote Redundancy Voice over Internet Protocol Remote Remote Worker Database Manufacturing Computing Public Cloud Password Manager Nanotechnology Shortcuts Tools Work/Life Balance Hypervisor Save Time Frequently Asked Questions Recovery Remote Workers Wireless Charging Inventory Microchip Start Menu Copiers USB Data loss Document Management Camera Sync Multi-Factor Security Investment Printing Computer Fan Criminal Smartwatch Vendor Management Going Green Digital Signature Wiring WiFi Virtual Reality Professional Services Software Tips Business Mangement Smart Tech Enterprise Content Management Mobility Millennials Electronic Medical Records Wire 5G Proactive IT Excel Managed IT Service Google Apps Search Engine Hard Drive Development Health Project Management Cortana Alert Online Shopping Printers ROI Personal FENG Addiction Saving Time Credit Cards PDF The Internet of Things Firewall Flash Cabling Fiber Optics Gmail Hacker Password Management Social Value Workforce Data Management MSP Net Neutrality Tip of the week Workers Bing Specifications Messaging Employee Bitcoin Evernote Cleaning Entertainment Warranty Trending GDPR Digitize Procurement Unified Threat Management HaaS Cables Trend Micro Solid State Drive Recycling Devices NIST Downtime File Sharing ISP Windows Server 2008 OLED Using Data Windows 10s Authentication HVAC SMS Compliance HBO Batteries Screen Mirroring Practices Printer Remote Computing IT Assessment Cache Telecommuting Employee/Employer Relationship Employer-Employee Relationship Amazon Mobile Computing Default App Shopping Audit Physical Security eWaste Thought Leadership Root Cause Analysis Cryptomining Computer Care Biometric Security Information Technology Virtual Machine AI Wireless Google Search Outlook Virtual Private Network Cast Charger Hosted Computing YouTube Mouse Skype Windows Server 2008 R2 OneDrive Wireless Internet Travel Remote Work Amazon Web Services Accountants Smart Office IT Infrastructure Social Network Legal Safe Mode Security Cameras Hard Drives Public Speaking Presentation Company Culture Search Twitter Lithium-ion battery Wireless Technology Tech Support Managing Stress CrashOverride IBM Safety Office Productivity Marketing Budget Personal Information Managed Service Provider Customer Relationship Management Competition Hiring/Firing IP Address Financial Customer Service Fun Mobile Office Domains Emergency Regulation Windows 10