According to the FTC Consumer Information division, phishing is when a scammer or hacker attempts to steal personal or sensitive information through an email, text, or phone call. For many business owners, phishing emails present a worrisome problem that is only increasing as technology advances.
Take the worry out of email phishing with these seven helpful tips to avoid and spot a sophisticated phishing attempt.
1. Learn How to Train Employees to Single Out Phishing Emails
One of the best ways you can protect your company from phishing emails is to train your employees on what to look for and how to spot a phishing attempt. Phishing emails range from easy-to-spot mistakes to sophisticated use of logos and imagery. Make sure to train your employees on the different tactics and strategies that phishers use.
Phishing emails often include:
- An indirect or direct ask for personal or sensitive information
- Logos, fonts, or other imagery that resembles the company they’re impersonating
- Misspellings or grammatical errors that may be apparent or hard to spot
- An offer that appears “too good to be true” or a believable offer that mimics a real offer
- A sense of urgency in deadlines, the information needed, or what will happen if you “don’t click here”
- Links that appear broken, misspelled, or shortened and links that appear close to the real website
Security awareness training should also include procedural information on what to do if an employee suspects they have received a phishing email. At Computer Services Unlimited, our customers have 24/7 access to our expert team, which can help guide you through the process of dealing with a phishing attempt.
2. Install Anti-Phishing Software to Stop Some Emails Before They Hit Your Inbox
Many anti-virus or malware programs come with anti-phishing capabilities or add-ons. These programs work to prevent phishing scams from ever hitting you or your employee’s inbox. If you are unsure that your computer security and anti-virus programs include anti-phishing software, consult your IT department or reach out to us at Computer Services Unlimited for a FREE 30-Minute Network Audit.
3. Be Cautious of Bank Emails That Ask You to “Click Here”
Most banks will not send you anything that says to “click here,” or ask you to send sensitive information through regular email. Banks often use their own form of secured communication for confidential documents.
If you receive an email from your bank asking you to send personal or sensitive business data over regular email, call your bank and ask them about it.
4. If Suspicious, Check the Email Source Information
If you open an email and see any red flags—such as asking for passwords, “too good to be true” offerings, or suspicious content—check the email’s source information. That is, check the email address of who sent the email and any other contact information provided. If the email is supposedly from a company you are familiar with and regularly receive emails from, go back and check the source information for those other legitimate emails to see if they match.
If they do not match, or the source information seems risky, reach out to your IT department or a managed IT services company to see how to proceed.
5. Invest in a Computer Security Maintenance Routine
Whether you have your own IT department or use Managed IT Services like we offer here at Computer Services Unlimited, maintaining your computer and network security is crucial to protecting your business.
An IT maintenance plan that focuses on computer and network security will lessen your risk for cyberattacks overall. At the same time, it will also help you reduce the risk of phishing attempts. If a phishing email does get past your employee or anti-phishing software, your computer and network security will help contain and prevent the problem from spreading.
6. Keep an Eye on Pop-Ups
Pop-ups may seem like an annoying thing of the past, but the truth is they are still used as a phishing tactic. Your browser may have a setting to block most pop-up content, but some may slip through the cracks.
Even if a pop-up looks legit, be careful about entering any sensitive or personal information. Legitimate pop-ups will never ask for your password or social security number, and you should only enter information if you are confident it is a legitimate website. Don’t let signing up for an email list ruin your company’s computers because you didn’t do your research.
7. And Finally, Monitor Your Business Accounts Regularly
The problem with phishing emails is that you may not even realize your personal or sensitive information was stolen until it is too late. That is why it is crucial to evaluate your business accounts for any suspicious activity regularly. This includes banking accounts, cloud accounts, data storage and backup accounts, and any other account your company uses that links to your network or email system.
And remember, it is essential to check the status of all business accounts, even if you do not use some of those accounts every day. You want to make sure that nothing fishy appears on your account or statement.
Are You Looking for More Cybersecurity Tips to Keep Your Business Safe?
Computer Services Unlimited is here to help keep your business safe. We offer a FREE 30-Minute Network Audit to help assess your current cybersecurity plan. After evaluating your network, we will discuss our findings and offer our advice on the best way to protect your business and its sensitive data. Reach out to us today and start down the path of protecting your business!