Despite advances in antivirus protocols and detection technology, phishing is one of the most common methods of cybercrime. Everyone is a target in today’s world. So, knowing how to detect phishing is highly important.
Action Fraud, the UK’s national reporting center for fraud and cybercrime, receives more than 400,000 reports of phishing emails each year, and based on the 2020 Mimecast Email Security Status, 58% of organizations saw an increase in phishing attacks in the past 12 months.
So, What’s Phishing?
Phishing is a cyber attack that uses email, phone, or text messages as a weapon. The attacker is someone posing as a legitimate institution to persuade people to provide sensitive data, such as personally identifiable information, passwords, and bank and credit card details. The information is then used to access important accounts and can result in identity theft and financial loss.
5 Ways to Recognize a Phishing Scheme
Inconsistencies in Email Addresses, Links & Domain Names
Reviewing the name of the person sending you the email is not enough. You must check their email address by hovering your mouse over the ‘from’ address and make sure no alterations – additional numbers or letters -, have been made. If an email allegedly originates from Facebook, but the domain name reads something else, report the email as a phishing attack.
Bad Grammar & Spelling Mistakes
A good way to detect phishing is bad grammar and misspellings. Many companies apply spell check tools to outgoing emails by default to make sure your emails are grammatically correct. Those who use browser-based email clients apply to autocorrect or highlight features in web browsers.
Suspicious Attachments
Legit companies don’t send unsolicited attachments. Instead, they direct you to download documents or files on their own website.
Likewise, most work-related file sharing now takes place via collaboration platforms like Google Drive, OneDrive, or Dropbox. Therefore, internal emails with attachments should always be treated suspiciously, especially if they have an unfamiliar extension or one commonly associated with malware (.zip, .exe, .scr, etc.).
The Message Demands a Sense of Urgency
A favorite tactic amongst cybercriminals is to ask you to act fast because their “super deal” is only for a limited time. Attackers often use this approach to rush recipients into action before they have had the opportunity to study the email for potential flaws or inconsistencies. When you come across these types of emails, it’s best to ignore them.
Login Credentials, Payment Information, or Sensitive Data Requests
Professional companies don’t request your sensitive information via email or text message. If you receive an unsolicited email from an institution that provides a link or attachment that asks you for sensitive information, it’s a scam. Most companies won’t send you an email asking for passwords, credit card information, credit scores, or social security number.
How to Protect Yourself From Phishing Attacks
Cybercriminals are always trying to outsmart our system’s security, so it’s always a good idea to add extra layers of protection. Let’s explore four strategies you should apply to protect yourself and your company from phishing attacks.
Install a Security Software
Install security software on your computer and other electronic devices (e.g your cell phone). Then, set the software to update automatically so it can deal with any new security threats. Keep in mind that these updates could give you critical protection against cybercrimes.
Protect Your Accounts With Multi-Factor Authentication
Some applications and websites offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication, and they might fall into two categories:
- Passcode via text message or an authentication app.
- Fingerprint, retina, or face scan.
Back-Up Your Data
You can copy your computer files to an external hard drive or cloud storage. It’s highly important to make sure those backups aren’t connected to your main network.
Cofes.com published a list of the best anti phishing software, in case you want to check it.
Get in Touch With S-FX Small Business Solutions
S-FX Small Business Solutions is an NJ-based web design & technology consulting agency that offers a wide range of services. We’re proud to help start-ups, small businesses, and nonprofits to achieve their business goals, including website security.
