Due diligence is the key to avoid being caught on the hook of a phish attack. One wrong move could cost you thousands of dollars and even put your business into bankruptcy. Following these simple guides will help you keep your business intact.
- NOT PAYING ATTENTION: Legitimate companies use domain emails. For example, an email from UPS (www.ups.com) would come from firstname.lastname@example.org, not email@example.com. You can see the email address by hovering over the sender’s name.
- PANICKING: Phishing emails are designed to make you panic. They have a sense of urgency, trying to make you act before you think.
- MAKING A PAYMENT: This is usually done through a method of payment not standard to your company such as an EFT or wire transfer.
- “FIXING” A PROBLEM WITH YOUR ACCOUNT: They say there is a problem with your account. They ask you to “confirm” some personal information to update your account. What they’re really doing is getting you to volunteer this information, never volunteer anything.
- FALLING FOR A NAME DROP. Sometimes a hacker may have information that seems to validate their identity. They’ve done their research. Does it make sense they know this information? Are they “name dropping”?
- NOT REALIZING THEY DON’T KNOW YOUR NAME. The email is addressed to “Dear customer” or “Dear account holder” and not your name.
- NOT SEEING GRAMMAR ERRORS. English is a second language to foreign hackers and they’re not good at it.
- CLICKING THINGS: Sometimes an entire email can be a hyperlink. Therefore, clicking anywhere on it will take you to a malicious website or start a malicious download.
If you’d like to delve deeper and learn more about phishing defenses, visit this post or give us a call at (518) 496-0387.