Don’t take the bait! Learn how to keep yourself and your company safe from phishing attacks cast by cybercriminals.
What do you think of when you hear Phishing? Hook line and sinker, right? Well, not in this case. Phishing is a cyber-attack where cybercriminals use authentic-looking malicious links and attachments to gain information about you or your company.
Phishing attacks could result in sensitive data being stolen from both you or the company. Phishing sounds like fishing because the attackers craft authentic-looking lures in the form of links or attachments that attract people to bite and click harmful links. Just as a lure in the sport of fishing, these links and attachments are designed to entice you. For example, the email could look as if it’s coming from a credible source or have language in it that makes you act quick and not make thoughtful decisions. Cyber Attackers aren’t particularly sure who will fall into their trap. They do know that the more phishing messages they send, the greater possibility of gaining sensitive information.
Cyber attackers often know the bare minimum about you personally. This is why they often choose to use “lures” that look familiar to many—for example, a message from your company, a famous brand, or typical banking services.
Here are some things to be on the lookout for and what you can do to make sure links or attachments are reliable:
- Watch for common welcome messages such as “Dear valued customer” or simply “Greetings” and don’t address you by your proper name.
- Be aware of links and attachments that don’t come from reliable sources. Always check to see the domain of the email sender and verify it is legitimate and trusted.
- Phishing emails and messages often want the receivers to act right away. They will use language that encourages receivers to react quickly. Remember to analyze the message and not be eager to open links or attachments.
- You should never be asked to go against company policy or procedures set in place. This is an immediate cause for red flags.
- Be on the lookout for messages asking you for personal or sensitive information.
- If you are skeptical of a link or attachment, move your mouse over the link to expose the full address and examine it thoroughly. Many mobile devices can show link previews by holding down the link before clicking.
- Be aware of messages that claim you have been randomly selected to win a prize or of opportunities that sound just too good to be true. You most likely aren’t the heir to a multi-billion dollar oil company in the Netherlands, and no, you didn’t win the latest iPhone.
- Lastly, be on the lookout for messages from co-workers or buddies, where they do not use their typical language, jargon, or tone.
It is possible for us to give away information that we shouldn’t by mistake. One of the leading causes of leaked information is accidentally replying to all recipients in an email chain.
Ensure the email address of the intended receiver is correct before pressing the send button. Autocorrect can turn firstname.lastname@example.org to email@example.com, which looks awfully similar at first glance, and a simple slip like this could put you or your company at risk.
If ever you come across a link that you think is a phishing attack, report it immediately to your IT Department and delete it.
Remember, take a moment to examine your links and attachments, check to ensure your message is going to the intended recipient, and use your best personal judgment to keep both your company and you safe from phishing attacks.
If you have any questions about messages you feel are phishing attacks, please send the helpdesk an email to HelpDesk@m-v-t.com or give them a call at (575)-541-7990. Stay safe, and don’t take the bait!