Email phishing is one of the most common cybersecurity threats because it is especially deceptive. Through phishing, cybercriminals deliver malicious material to unsuspecting readers in a messaging format – usually text or email. Their goal is to get the end user to click a harmful link which gives the sender access to the user’s system.
Phishing is on the rise. A report by the Anti-Phishing Working Group that analyzed phishing attacks during Q1 of 2020 found that reported phishing attacks were at their highest levels since 2016. And a 2020 study by Verizon found that 22% of data breaches happened as a result of phishing. The threat is real, but phishing can be prevented. You are your own best defense. By learning how to spot email phishing attacks, you significantly limit your risk of a phishing breach.
How can I spot phishing?
Phishing email attacks are becoming more sophisticated. In the past, a phishing email might have come from a look-alike email account where one letter or number was misplaced or a word was misspelled. Hasty email readers would inadvertently click and expose themselves to malicious software. Increasingly, phishing attacks are coming from legitimate emails that have been compromised. So to spot a phishing email, you have to be diligent.
Before you open an email, consider whether or not you were expecting an email from the recipient. Review the subject line carefully for misspelled words, and see if the email contains any attachments. To be extra careful, consider giving the individual a call to confirm they sent the email.
Once you’ve opened an email, read the copy carefully. Does the language make sense? Does the message read like this person’s normal messages? If you have any suspicion, do not open any links or attachments. Call the person to confirm that they delivered the message.
Even with people you trust and communicate with frequently, be careful when clicking links or opening attachments. Common attachments, like standard documents or spreadsheets, can contain malware. Your colleague may have inadvertently sent you a compromised file. This is why it’s a good idea to have up-to-date virus scanning software installed on your computer at all times.
What should I do if I suspect phishing?
If you have an IT partner, contact them immediately if you believe you received a phishing email. Professionals will be able to analyze the email to determine if it contains malware. When you partner with ProTech, we are those professionals. ProTech’s Managed IT Services customers have a team of experts ready to assess any threats and take immediate action if it’s needed. We’re here to help keep your data – personal and professional – safe.