Get Started Today!  (415) 295-4898

croom new

415 IT Blog

How to Avoid the Influence of a Phishing Scam

How to Avoid the Influence of a Phishing Scam

Phishing emails are a real problem for today’s businesses, which makes it critically important that you and your team can identify them as they come in. Let’s touch on a few reliable indicators that a message isn’t a legitimate one.

What Makes Phishing Attacks So Bad?

One of the largest threats inherent in a phishing scam is that there is a relatively low barrier for entry. There’s a tendency to romanticize hackers somewhat, picturing them in dark rooms lit only by an array of computer monitors as their fingers dance across their keyboard. While cinematic, this imagery is grossly inaccurate. In truth, hacking has trended more towards the psychological, focusing on user manipulation over fancy programming skills.

Which sounds easier to you, learning how to pick a lock, or asking someone for their keys?

Phishing attacks are not only easier on the cybercriminal, they’re also effective. It’s easy to be fooled by a legitimate-looking email or website, especially when you aren’t anticipating being scammed.

Let’s say someone poses as your bank. At first glance, there may be every indication that the email they send is legitimate. A quick look at the sender’s address may pass muster, the bank’s logo and contact information may be present, even any filters you have set up to organize your emails may work.

At a glance, all may be in order… which is exactly how many phishing emails will get you.

While phishing emails themselves aren’t usually dangerous, they contain links to risky and insecure websites or have nefarious files attached to them. Generally, these elements are where the danger lies.

Spotting a Phishing Attack

Let’s go through a step-by-step process to check any email that you may receive. The first sign of phishing can be found in its tone: if it has a too-good-to-be-true offer, is overly urgent, or is requesting information about one of your accounts unprompted, you’re right to be suspicious.

Check all links to confirm they direct to a legitimate URL. DON’T CLICK THEM. For example, if the email were from Amazon, links would most likely lead back to amazon-dot-com. However, anything added between “amazon” and “dot-com” is a sign of trouble. Furthermore, the dot-com should be immediately followed by a forward slash (/).

Let’s go through a few examples to demonstrate how important the little details of a URL can be, using PayPal as our subject.

  • paypal.com - Safe
  • paypal.com/activatecard - Safe
  • business.paypal.com - Safe
  • business.paypal.com/retail - Safe
  • paypal.com.activatecard.net - Suspicious! (notice the dot immediately after PayPal’s domain name)
  • paypal.com.activatecard.net/secure - Suspicious!
  • paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!

Check how the email address appears in the header. If you ever receive an email from Google, the address isn’t going to be “gooogle@gmail-dot-com”. If you’re unsure, throw any email addresses into a quick search for legitimacy.

Be wary of any attachments. As we mentioned above, most email-borne threats are going to be transmitted as an infected attachment, or as a link to a malicious website. If an incoming email has either a link or an attachment, exercise caution.

Don’t take password alerts at face value. Some scammers will use phishing emails to steal your credentials. Stating that your password has been stolen or some similar breach has occurred, the email will prompt you to supply your password—springing the trap.

If all this sounds like we’re telling you to wonder if any of your emails are legitimate, it’s because we are, in a way. With a healthy sense of skepticism, email and email correspondence can be very useful business tools. Many phishing attempts can also be weeded through with a reliable spam-blocker as well.

Want us to assist you with your email security? Call up our team of professionals by dialing (415) 295-4898.

Google and Apple Pushed a COVID-19 Exposure Notifi...
A Brief Guide to Leading a Company During COVID-19
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, January 26 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://web.415it.com/

Mobile? Grab this Article

QR Code

Tag Cloud

Security Tip of the Week Technology Productivity Business Computing Best Practices Data IT Support Data Backup Network Security Privacy Hosted Solutions Cloud IT Services Internet Software Efficiency Data Recovery Email Managed IT Services Business Mobile Device Google Collaboration Phishing Small Business Malware Innovation User Tips Outsourced IT Cybersecurity Cloud Computing Hackers Tech Term Upgrade Hardware Smartphone Business Management Managed Service Mobile Devices Android Computer Communication Microsoft Windows 10 Business Continuity Workplace Tips VoIp Covid-19 Smartphones Quick Tips Backup Ransomware Disaster Recovery Managed Service Provider Paperless Office Encryption Communications Network Remote Work Users Browser Wi-Fi Saving Money Office 365 Server Business Technology Passwords Data Management Social Media Artificial Intelligence Internet of Things Help Desk BDR Remote Monitoring Managed IT Holiday Save Money Healthcare Windows 7 Government Document Management Compliance Vulnerability Laptops Chrome Microsoft Office Windows Data Security Facebook Automation Managed IT services Applications Blockchain Scam Miscellaneous Employer-Employee Relationship Gadgets Remote Avoiding Downtime Antivirus Wireless Analytics Bandwidth Information Project Management Virtualization Mobile Office Two-factor Authentication Tip of the week Redundancy Processor Office Health Vendor Management Networking IT Management Storage Employee-Employer Relationship Router Customer Relationship Management Files Access Control Information Technology Virtual Private Network Apps Machine Learning OneDrive Managed Services Training RMM Website Proactive Company Culture BYOD Meetings Data Loss IoT Regulations Mobility Maintenance VPN Hard Drive Infrastructure Software as a Service Net Neutrality Consulting Downtime File Management Instant Messaging Assessment Tablet Search HIPAA Utility Computing Internet Exlporer Payment Cards Bring Your Own Device Dark Web Augmented Reality Managed Services Provider Smart Technology Display Network Management Consultation Remote Computing Computing Remote Workers Professional Services Recycling Data Storage Time Management Word Patch Management Data Breach Mobile Security Flexibility Unified Communications Vendor Social Network WiFi Unified Threat Management Monitoring Remote Worker Financial The Internet of Things Password Remote Monitoring and Management Alert Gmail Risk Management Management Cooperation Operating System Holidays Server Management File Sharing Money Electronic Health Records Employees Spam Co-Managed IT App Permissions Outsourcing Printer Identity Theft Enterprise Resource Planning Cyber Monday Staff Notes IT User Management Bookmarks Unified Threat Management ROI Cache Computing Infrastructure Peripheral Proactive Maintenance Solid State Drive Websites Geography Microsoft Excel Shortcut Cyberattacks Proactive IT Social Laptop Solid State Drives Fleet Tracking Zero-Day Threat Social Networking Optimization Voice over Internet Protocol CES Projects Mobile Device Management Screen Reader Google Calendar Fraud Video Conferencing Value of Managed Services Customer Service Identity PowerPoint Banking Business Telephone Teamwork Favorites Alerts PCI DSS Cybercrime Cyber security SaaS Lenovo Modem High-Speed Internet Return on Investment Read Only IT Consulting Security Cameras Tech Support Travel Remote Working Options Telephone Asset Tracking Samsung Backup and Disaster Recovery G Suite Virtual Reality Virtual Machines Point of Sale Tech Terms Smart Tech Biometric MSP Finance SharePoint Mobile Firewall Reviews Touchscreen Hacking IT Assessment Shared resources Going Green Mail Merge Conferencing User Error Comparison Licensing Database Management Superfish Development Credit Cards Settings Personal Information Printing IT Technicians Cost Management Technology Tips Budget 5G Mobile VoIP Heating/Cooling Human Error Motherboard Chromebook Data Warehousing E-Commerce Theft Connectivity Legislation Gamification Manufacturing Authentication Downloads Distributed Denial of Service Virtual Assistant End of Support Bitcoin Trending Cookies Cables Digitize Batteries Address Migration eWaste Specifications CRM GDPR Statistics Electronic Medical Records Computers Transportation Active Directory Digital Payment Hotspot Wireless Internet Big Data Servers OneNote Permission Vulnerabilities Operations Features Techology Smart Devices Authorization Managing Stress Managed IT Service Windows Server 2008 Wasting Time Gifts Current Events Nanotechnology Wires Shadow IT CIO applications Recovery Politics Chatbots Black Friday Content Filtering Bluetooth Windows Server Technology Laws Private Cloud Mirgation Mouse Language Employer/Employee Relationships Apple How To Test Mobile Computing Outlook Disaster Resistance Procurement Wearable Technology Star Wars Outsource IT Hard Disk Drives Sensors WPA3 Emergency Multi-Factor Security Enterprise Content Management Break Fix Database Hacker CEO Regulation Students Daniel Stevens Printers Twitter Education Marketing

Latest Blog

To preserve your cybersecurity, you need to have a comprehensive view of everything involved with your technology—and we do mean everything. Let’s consider a recent close call, involving the Democratic Republic of Congo that exemplifies this perfectly that could have potenti...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...