Many businesses are targeted by phishing emails. However, not all fall for them causing a breach.
So what determines whether the business falls prey to this type of cyberattack?
Human error.
All you need is one person to fall for the phishing email for the whole company to be affected.
Why Focus on Phishing Emails?
Simple, over 85% of successful breaches start by phishing employees.
Therefore, learning how to identify a phishing attack is essential to the security of a company.
Learn to Identify a Phishing Attack
With the proper training, anyone can identify a legitimate email from a phishing attack. Here are some suggestions:
- Check the email of the sender, confirm it’s from a familiar source.
- Make sure the email has a professional or familiar format. DO NOT engage if:
- It has many typos
- Footer doesn’t have a physical address, name or signature from sender or department
- It’s missing the unsubscribe option (for newsletters)
- Check for an urgent and untrustworthy call-to-action. This is highly common on phishing emails.
- e.g. “You have 24 hours or you’ll get arrested. Click on link to prevent that!”
- When you hover over any links, DO NOT click on URL if it’s long and from an unfamiliar website. Hover over it to see the hyperlink.
- Never click on an attachment or give away credentials unless source is 100% trusted.
- If you are unsure if you’ve received a phishing email or not, please forward it to Phishing@EmpoweredITSolutions.com and our team will tell you if it is legitimate or not.
Conclusion
Following the tips above can help you and your business filter any potential phishing emails.
However, to ensure protection against phishing, we have an anti-spam program that works 24/7 against phishing attempts.
We also offer cybersecurity trainings that expose your team to a fictitious phishing email for training purposes with our Security and Awareness Training.
Protect your business today – call 858.859.9490 to learn more.
Don’t forget to share this information with anyone who is constantly working on their computer, or carry sensitive information on their devices.