Phishing attacks are one of the most common attacks that cybercriminals use to steal login credentials or gain access to a network. According to the FBI, phishing attempts nearly doubled from 2019 to 2020, and these attacks are steadily on the rise. The most popular phishing method is e-mail, at 96%. Phishing attacks are not just a large-company problem; medium and small companies are just as prone to these attacks. Falling victim to a phishing scam comes at no small cost. According to IBM’s Cost of a Data Breach report, phishing attacks cost companies $4.24 million on average, which is an all-time high. Knowledge is the greatest tool to combat cybercriminals’ phishing attempts. In this article we will outline some common red flags to look for in a phishing email and what to do if you have received one.
Examine the sender address
If the email address of the sender does not match the name of the sender of the email, this should raise suspicion.
Be Mindful of Login Pages, Links, and Attachments
Phishers will often create fake login pages which look identical to a legitimate website in an attempt to collect your account credentials. Be mindful of clicking links in any email asking you to enter your credentials into any site. If you ever click any links and input any information, be sure to notify and report it immediately, as well as change your password!
Additionally, if you receive an email with attachments from someone you don’t know, or that you weren’t expecting, do not download the file unless you are sure that it is safe – especially if it has an unfamiliar extension or one commonly associated with malware (.zip, .exe, .scr, etc.).
Examine the Language and Tone
Phishing emails usually convey some sense of urgency, fear, or greed. For example, phishing emails may have subject matters along the lines of the following:
- “URGENT: YOUR PASSWORD IS EXPIRING”
- “CLAIM YOUR FREE GIFT CARD”
- “YOUR ACCOUNT HAS BEEN COMPROMISED”
If you receive emails regarding these subject matters, that is a red flag.
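As an added illustration (not part of the original article), the Python sketch below checks a raw message for the red flags listed above: a sender name that does not match the address, a pressure-style subject, a risky attachment extension, and a link whose visible text differs from its destination. The sample message, its domains, the keyword list and the name-matching heuristic are assumptions made for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

RISKY_EXT = (".zip", ".exe", ".scr")  # extensions named in the article
PRESSURE = ("urgent", "expiring", "free gift", "compromised")  # from its sample subjects

# Constructed sample message; every name and domain here is made up.
SAMPLE = '''From: "Example Bank Support" <alerts@mail-notify.invalid>
Subject: URGENT: YOUR PASSWORD IS EXPIRING
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<a href="http://reset.mail-notify.invalid/">https://www.examplebank.test/login</a>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.scr"

--b1--
'''

def red_flags(raw):
    """Return the article's red flags found in one raw RFC 5322 message."""
    msg, flags = message_from_string(raw), []
    name, addr = parseaddr(msg.get("From", ""))
    # Assumed heuristic: some word of the display name should appear in the address.
    words = re.findall(r"[a-z]{4,}", name.lower())
    if words and not any(w in addr.lower() for w in words):
        flags.append("sender name does not match address")
    subject = msg.get("Subject", "").lower()
    if any(p in subject for p in PRESSURE):
        flags.append("urgent or too-good-to-be-true subject")
    for part in msg.walk():
        fname = (part.get_filename() or "").lower()
        if fname.endswith(RISKY_EXT):
            flags.append("risky attachment: " + fname)
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode("utf-8", "replace")
            for href, text in re.findall(r'<a[^>]*href="([^"]+)"[^>]*>(.*?)</a>', html, re.S):
                shown, target = urlparse(text.strip()).hostname, urlparse(href).hostname
                if shown and shown != target:  # visible URL differs from real destination
                    flags.append("link text shows %s but goes to %s" % (shown, target))
    return flags

if __name__ == "__main__":
    print("\n".join(red_flags(SAMPLE)))
```

A message that passes these checks is not proven safe; the checks only surface the indicators described above.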
Phishing emails today can be very convincing, and sometimes all the red flags are well hidden. The safest and only guaranteed method to identify whether an email is a phishing scam is to message the genuine sender (don’t reply directly to the suspicious email!) to verify its authenticity. However, if you ever need help identifying a suspicious email, feel free to reach out to us!