Get Started Today!  (415) 295-4898

croom new

415 IT Blog

How to Avoid the Influence of a Phishing Scam

How to Avoid the Influence of a Phishing Scam

Phishing emails are a real problem for today’s businesses, which makes it critically important that you and your team can identify them as they come in. Let’s touch on a few reliable indicators that a message isn’t a legitimate one.

What Makes Phishing Attacks So Bad?

One of the largest threats inherent in a phishing scam is that there is a relatively low barrier for entry. There’s a tendency to romanticize hackers somewhat, picturing them in dark rooms lit only by an array of computer monitors as their fingers dance across their keyboard. While cinematic, this imagery is grossly inaccurate. In truth, hacking has trended more towards the psychological, focusing on user manipulation over fancy programming skills.

Which sounds easier to you, learning how to pick a lock, or asking someone for their keys?

Phishing attacks are not only easier on the cybercriminal, they’re also effective. It’s easy to be fooled by a legitimate-looking email or website, especially when you aren’t anticipating being scammed.

Let’s say someone poses as your bank. At first glance, there may be every indication that the email they send is legitimate. A quick look at the sender’s address may pass muster, the bank’s logo and contact information may be present, even any filters you have set up to organize your emails may work.

At a glance, all may be in order… which is exactly how many phishing emails will get you.

While phishing emails themselves aren’t usually dangerous, they contain links to risky and insecure websites or have nefarious files attached to them. Generally, these elements are where the danger lies.

Spotting a Phishing Attack

Let’s go through a step-by-step process to check any email that you may receive. The first sign of phishing can be found in its tone: if it has a too-good-to-be-true offer, is overly urgent, or is requesting information about one of your accounts unprompted, you’re right to be suspicious.

Check all links to confirm they direct to a legitimate URL. DON’T CLICK THEM. For example, if the email were from Amazon, links would most likely lead back to amazon-dot-com. However, anything added between “amazon” and “dot-com” is a sign of trouble. Furthermore, the dot-com should be immediately followed by a forward slash (/).

Let’s go through a few examples to demonstrate how important the little details of a URL can be, using PayPal as our subject.

  • paypal.com - Safe
  • paypal.com/activatecard - Safe
  • business.paypal.com - Safe
  • business.paypal.com/retail - Safe
  • paypal.com.activatecard.net - Suspicious! (notice the dot immediately after PayPal’s domain name)
  • paypal.com.activatecard.net/secure - Suspicious!
  • paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!

Check how the email address appears in the header. If you ever receive an email from Google, the address isn’t going to be “gooogle@gmail-dot-com”. If you’re unsure, throw any email addresses into a quick search for legitimacy.

Be wary of any attachments. As we mentioned above, most email-borne threats are going to be transmitted as an infected attachment, or as a link to a malicious website. If an incoming email has either a link or an attachment, exercise caution.

Don’t take password alerts at face value. Some scammers will use phishing emails to steal your credentials. Stating that your password has been stolen or some similar breach has occurred, the email will prompt you to supply your password—springing the trap.

If all this sounds like we’re telling you to wonder if any of your emails are legitimate, it’s because we are, in a way. With a healthy sense of skepticism, email and email correspondence can be very useful business tools. Many phishing attempts can also be weeded through with a reliable spam-blocker as well.

Want us to assist you with your email security? Call up our team of professionals by dialing (415) 295-4898.

Google and Apple Pushed a COVID-19 Exposure Notifi...
A Brief Guide to Leading a Company During COVID-19
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, August 05 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://web.415it.com/

Mobile? Grab this Article

QR Code

Tag Cloud

Security Tip of the Week Technology Productivity Best Practices Business Computing Data Backup Data IT Support Network Security Privacy Hosted Solutions Cloud IT Services Data Recovery Efficiency Software Email Business Internet Managed IT Services Malware Outsourced IT Small Business Innovation Tech Term Cybersecurity Cloud Computing Business Management Hackers Collaboration Upgrade Hardware Windows 10 User Tips Microsoft Phishing Computer Managed Service Business Continuity Google Mobile Devices Communication Workplace Tips VoIp Mobile Device Smartphone Quick Tips Ransomware Backup Managed Service Provider Paperless Office Smartphones Android Server Office 365 Communications Business Technology Disaster Recovery Encryption Saving Money Browser Remote Monitoring Data Management Managed IT Network Covid-19 Compliance Internet of Things BDR Remote Work Passwords Artificial Intelligence Vulnerability Holiday Windows 7 Healthcare Wi-Fi Microsoft Office Help Desk Data Security Managed IT services Applications Miscellaneous Laptops Save Money Users Document Management Social Media Facebook Government Virtualization Bandwidth Automation Processor Office Tip of the week Blockchain Project Management Vendor Management Employer-Employee Relationship Two-factor Authentication Scam Redundancy Avoiding Downtime Antivirus Information Health Proactive Access Control Company Culture Virtual Private Network Meetings Windows BYOD Regulations IoT Mobility Hard Drive Infrastructure Employee-Employer Relationship Data Loss Software as a Service Router IT Management Storage Maintenance VPN Customer Relationship Management Chrome OneDrive Machine Learning Training Analytics RMM Website Files Time Management Flexibility Monitoring Mobile Security Password Unified Communications Remote Worker Remote Monitoring and Management Financial Unified Threat Management Operating System Word Gmail Patch Management Data Breach The Internet of Things Management Cooperation Employees File Sharing File Management Risk Management Electronic Health Records Consulting Downtime Server Management Data Storage Payment Cards Net Neutrality Social Network Gadgets Alert Assessment Bring Your Own Device Information Technology Managed Services Provider HIPAA Utility Computing Tablet Dark Web Augmented Reality Remote Workers Internet Exlporer Apps Smart Technology Managed Services Mobile Office Network Management Professional Services Computing Networking Consultation Search Co-Managed IT Recycling Comparison Licensing Authentication Motherboard Chromebook Batteries Outsourcing E-Commerce Theft IT Technicians Cost Management GDPR Transportation Active Directory IT Data Warehousing Electronic Medical Records Heating/Cooling Connectivity Wireless Internet Big Data Technology Tips Peripheral Lenovo Optimization Distributed Denial of Service OneNote IT Consulting Permission Cookies Cables Smart Devices Legislation Laptop Samsung Migration Wasting Time Trending eWaste Current Events Specifications Authorization CIO applications Vulnerabilities Video Conferencing Features SharePoint Statistics Superfish Politics Managing Stress Windows Server Business Telephone Operations Mail Merge User Error Servers Employer/Employee Relationships Apple Digital Payment PCI DSS Hotspot Virtual Machines Managed IT Service How To Test Nanotechnology Hard Disk Drives Wires Sensors Remote Working Private Cloud Chatbots Database Black Friday WPA3 Recovery Mobile Computing Biometric Downloads Procurement Mirgation Notes Bluetooth Instant Messaging Spam Enterprise Content Management User Management IT Assessment Money Address WiFi Wearable Technology Star Wars Proactive Maintenance Solid State Drive Mouse Language Credit Cards Break Fix App Solid State Drives Budget Bookmarks ROI Identity Theft Voice over Internet Protocol Enterprise Resource Planning Projects Cyber Monday Staff Fleet Tracking Techology Zero-Day Threat Geography Value of Managed Services Gamification Permissions Cyberattacks Social PowerPoint Cache Display Customer Service Social Networking Teamwork Digitize Microsoft Excel Mobile Device Management Websites Cybercrime Cyber security CRM Computing Infrastructure Computers Technology Laws Wireless Screen Reader Options Telephone Favorites Identity Return on Investment Windows Server 2008 Outlook Asset Tracking Disaster Resistance Backup and Disaster Recovery Modem High-Speed Internet Google Calendar Fraud Emergency Read Only Multi-Factor Security Security Cameras Remote Computing Alerts MSP Finance Shared resources G Suite Going Green Shadow IT Point of Sale Printer Tech Terms Tech Support SaaS Database Management Settings Mobile Personal Information Holidays Virtual Reality Unified Threat Management Smart Tech 5G Mobile VoIP Travel Conferencing Firewall Shortcut Proactive IT Human Error Manufacturing Development Vendor Outsource IT Printing Touchscreen Virtual Assistant Hacking Bitcoin Twitter Education CEO Regulation Students Marketing Daniel Stevens Content Filtering Printers

Latest Blog

Many users are noticing or just starting to hear about Google and Apple’s initiative to work with local governments to provide an easy way to help users prevent getting infected with COVID-19. The idea is that, if a local or state government wanted to build an app for users ...

Latest News

We are proud to announce that 415 IT and our CEO, Daniel Stevens, were recently featured by CIO Applications. We discussed how and why we serve our clients, as well as some sneak peeks for our future. Read our interview by visiting:  https:...