How to Identify Phishing Scams
Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels. Spammers often spoof e-mail in an attempt to get recipients to open and respond to their requests. They can make it seem like you are receiving an e-mail from your bank, your CEO, or any other trusted sources.
Phishing scams can attempt to obtain your password, have you transfer large sums of money to them, obtain sensitive information about you or your company, and much more.
Things to look for to identify a phished e-mail:
- Misspelled email addresses
- Requests for confidential information (such as social security number or password)
- Requests for monetary compensation
- "Urgent Action Required" or "Your account has been compromised" notices
- Generic greeting versus using your name
- No email signature
- Incorrect user display “friendly” name
- Links to a fake website
- Legitimate looking links that when you hover over show a different URL
- Attachments (especially attachments that end with .exe)
- Spelling errors, poor grammar, incorrect graphics
- Out-of-character requests from fellow employee(s)
How to protect yourself:
- Company mobile phones must be password protected. If your phone doesn't require a password to unlock it, please set one now
- Set a strong password (see guidelines below)
- DO NOT reply to the sender
- DO NOT open any links / websites
- DO NOT open any attachments
- If an email asks you for your password, DO NOT give it to them.
***No credible organization would request your password through an e-mail.***
- Unsure if internal e-mail was actually sent from a co-worker? Call them to validate it.
We recommend a policy of “Better Safe than Sorry.”
If you’re not 100% sure whether an e-mail you received is spoofed or not, it’s best to report it anyway. It’s better to confirm the e-mail is legitimate than take the gamble and risk a security breach.
Recommended Password Guidelines:
- Avoid using the same password you use for any other account
- Include the following parameters in your passwords:
- At least 1 number
- A combination of both uppercase and lowercase letters
- A minimum of 8 characters
- Change your password frequently – at least once every 6 months
- Do not use any personal or confidential terms such as your username, birthday, name, Social Security number, etc...
Let Us Keep You Safe. Contact Us Today: