Email phishing scams account for over half of all instances of online fraud, and they’re showing no signs of going away any time soon. In fact, they’re on the rise. And with millions of individuals and businesses falling victim to these scams, the costs are rising. A large company can expect to pay about $3.7 million to resolve and recover from a phishing issue. Cybercriminals are often seeking confidential business information such as usernames or passwords that grant access to your network or the credit card details of your customers. A phishing scam can quickly ruin your business’s hard earned reputation.
So how can you spot a phishing attack before becoming its next victim? First, it’s important to understand how phishing works. Cybercriminals are becoming more adept at selecting targets and often use some bit of personal information (such as where you bank if you have an eBay account, or who supports your credit cards). They’ll then send you an email that looks (at least at first glance) to be from a legitimate and familiar source. It may even bear the logo or banner from a real company or may use the name of a legitimate business in the structure of its URL. Typically, a scammer’s email will ask you to log in to a link they provide and confirm some piece of information (an account number, credit card number, password, user name, Social Security number, or other sensitive data). Once you provide that information, the cybercriminals can use it to drain your accounts, make purchases in your name, or worse.
Fortunately for everyone, phishing scams are not perfect, so there are several telltale signs you can spot to help you identify a potential scam.
Phishing scammers often go to great lengths to appear legitimate—even incorporating the name of a real business within the return address or links they provide. Frequently scammers will make small changes to a web address in hopes you’ll be fooled. If you suspect that the source of an email is a scammer, check the return email against the company’s published contact info. Do not open any links or attachments that accompany such an email, as these sections could put you at risk.
Any email that asks you to provide information that the sender should already have should be regarded as highly suspicious. For example, your bank isn’t going to email you to ask for your PIN or account numbers—they issued those numbers and don’t need to get them from you. So it’s important to view any such requests with a highly critical eye. If you remain in doubt, contact the institution directly — but NOT via any link provided in the questionable email.
Fear is a strong motivator, and cybercriminals know that users are more likely to open and read an email that seems to demand immediate action. Some scammers go even further, suggesting that the recipient may be arrested and prosecuted for failure to respond. These intimidation tactics are all too often effective, with people handing over login credentials, and account numbers to “stay out of trouble.” Unfortunately, if you fall for one of these scams, your troubles are just beginning.
Legitimate emails from corporate entities are usually not composed on the fly by some intern. They are meticulously crafted for factual accuracy, grammatical correctness, legal issues, and how they read from a marketing standpoint. Emails that contain typos, misspellings, or poor grammar are very likely examples of fraud and should be regarded with extreme caution. If you suspect an email is fraudulent, do not open any links or attachments, as these could provide a gateway for malware to enter and infect your system.
Phishing scammers will often attempt to mimic the logo or branding of a legitimate institution in order to gain your confidence. If something seems wrong with the appearance of the email—like the brand logo or header are low-resolution — that is good cause to investigate further.
At Waterdog Computer Works, your online security is our top priority. We can scan your machine for malware, install the latest cybersecurity software, and beef up your device’s firewalls, spam detectors, and other built-in protections. We also offer security awareness training for you and your employees so you can spot cybersecurity threats before they damage your business reputation. Don’t become cybercrime’s next victim—contact us today!
Located in Wayne, Pa, Waterdog Computer Works is a complete IT solutions and cybersecurity provider serving businesses throughout Main Line Philadelphia. Focused and responsive, Waterdog Computer Works offers a two-hour emergency response time guarantee, no-risk contracts and a team of technicians with over 75 years of combined experience. Call us at 484.580.8568 to speak to a member of our team.