How to detect just about any phishing attack from the get go
There are a few important reasons why phishing techniques are becoming increasingly hard to stop. As Webroot accurately points out, phishing attacks are similar to guerrilla warfare in that the attackers hit and leave before anyone can be detected. Additionally, technological advances have enabled phishers to come up with new, creative ways to target victims from all walks of life.
Thankfully, there are some things you can do to spot even the most sophisticated phishing techniques. Here are some tips to get you started.
Watch Out for Small Mistakes
Check emails thoroughly for signs of small discrepancies, even if you know the person who has purportedly sent you the email. Some warning signs that indicate you are being contacted by a phisher include:
- Emails requesting password information. No legitimate company will ever ask users to provide a password via email.
- Roll the mouse over a URL before clicking on it. If the URL looks odd or does not seem to match the description provided in the email, don’t click on it.
- If you do click on the URL, check it very carefully instead of just relying on what the website looks like. Be on the lookout for small misspellings or additional numbers that would indicate the site is not the same as the location you think you are being directed to. For instance, an email that directs you to log onto your bank website and change the password may look like “www.mybank1.com” instead of “www.mybank.com.”
- Look for the small lock icon on the left-hand side of the URL. If the site is secure, it will have this icon along with a domain name that begins with https. Never provide information to any website that does not have both the lock symbol and a URL that starts with https.
- Check the name of the URL and the company name on the page for differences.
Confirm Suspicious Instructions
Consider the following scenario: You receive an email at work from your boss, asking you to change passwords and/or transfer money to a particular account. The email address is legitimate, and the details provided in the email are accurate. Your boss has never asked you something like this before but of course, you obey because he (or she) is the boss. You later find out your boss never sent you the email in question; instead, you have become the victim of a phishing attack.
Thankfully, you can easily avoid this scenario by considering past experience. If someone (i.e. a boss, client, parent, close friend, etc.) hasn’t asked you to do something before and/or the email involves important information, passwords and/or large sums of money, pick up the phone and call the person in question to ask for confirmation.
Never Let Your Enthusiasm Get the Best of You
Phishers want you to click on their links and attachments. For this reason, some scammers send emails that look like they come from retailers. These emails may offer discount coupons, freebies or even both and may arrive with a personalized greeting noting that it is for your birthday or anniversary. Treat these emails as suspect until proven otherwise. Never download the attachments and type the store URL rather than clicking on the one provided in the email.
Get Professional Assistance
Professional help can enable you to not only spot phishing attempts but prevent them from happening in the first place. Contact Radius Executive IT Solutions in Boston and throughout New England at (978) 528-0110 or firstname.lastname@example.org for more practical assistance and information.