PureCyber

View Original

PureCyber Micro-Bytes - Spotting and Stopping Phishing Attacks

For the first article in our byte size advice series for small businesses, we are focusing on how to spot phishing attacks and keep your data and information safe online from malicious actors.

Email is an everyday part of an employee’s routine. But it is critical for everyone to be aware of the dangers that they pose, both to your small business and colleagues.

Without this knowledge, it can be surprisingly easy to accidentally disclose sensitive information and put your small business at risk.

What is Phishing?

Phishing is a type of cyber-attack where malicious actors impersonate a real person or organisation and try to get their victim to click a link or download a document; typically with the aim of trying to steal data. This will often contain ransomware or other malware which encrypts and locks users data and the network that they are connected to. Other phishing email campaigns aim to steal a user’s credentials, credit card numbers, or personal identification. This also can be used to access the entire data and systems of a small business.

To protect yourself and your personal information, it's essential to learn how to spot a phishing email. In this article, we will provide you with common clues for identifying and avoiding phishing emails.

How To Spot a Phishing Email

Phishing attacks can be sophisticated, but there are tell-tale signs that can help you identify them:

Express urgency

Phishing emails often try to make users take urgent action such as clicking a link or downloading an attachment and use words such as urgent’, warning or act now.

Generic Greetings

Phishing emails often contain generic greetings, for example “Dear Customer”. Legitimate emails from trusted brands typically personalise their greetings and message for every individual costumer.

Spelling and Grammar Errors

Checking the sender’s full email address is the first way to identify a phishing email. They are often designed to mimic legitimate addresses but have slight variations or spelling errors, such as "exampl3.com" instead of "example.com."

Fake Branding

A replicated branding and logo, when looked at closely may appear slightly different and will be lesser quality than the official version. Is It pixelated or blurry?

Unusual Requests

Unusual requests for sensitive information, whether bank account details or login credentials should always be treated with extreme caution.

Check The URL

Hovering over a link with your mouse cursor will reveal the true URL, which should always be checked against the official website.

Last, but not least is the email too good to be true?

The Next Steps – How to Stop Phishing

Now that you know how to spot phishing attempts, let's discuss how to stop them in their tracks:

1. Keep Software Updated:

Make sure your operating system, anti-virus software and applications are up to date with the latest patches.

2. Email Filtering:

Enable email filtering and anti-phishing tools provided by your email service provider. These tools can help identify, report and block phishing emails.

3. Multi-factor authentication

Enable multi factor identification wherever possible. It adds an extra layer of security, making it harder for cybercriminals to access your accounts even if they obtain your password.

4. Educate Yourself and Your Colleagues:

Provide thorough training on how to spot phishing emails and maintain vigilance.

5. Verify requests:

If you receive an email urgently requesting sensitive information. verify the request with the relevant organisation using official contact information, not the information provided in the email.

6. Implementing Basic Controls:

Undertaking cyber essentials and putting basic controls in place can provide a solid base for every small business’s cyber security posture.

Phishing attacks can target anyone, and they often prey on the unsuspecting. By staying informed and vigilant, you can spot and stop phishing attempts before they cause harm. Remember, protecting your personal information and online security is worth the extra effort. Stay safe online and keep phishing attackers at bay with these tips.

To learn more about phishing visit our resources page.

Explore our subscription options can help you manage your cyber security and create a strong security posture to defend against phishing attacks today or contact us by clicking the button below.