While thieves in years past stole items like gold, jewels, and cash money, today's criminals often target data. It may sound odd, but some data is just as valuable as precious metals! This includes login credentials and credit card numbers. In order to get access to this sensitive information, cyber criminals will launch a phishing scam.
Table of Contents
What Is a Phishing Attack?
Phishing is when attackers send malicious emails designed to trick people into falling for a scam. The intent is often to get users to reveal personal information, financial information, system credentials, or other sensitive data they can use for their gain.
They often include old-fashioned techniques, like forgery, a false sense of urgency, misdirection, and lying, in a new, tech-savvy way. Due to the nature of what these cyber criminals are looking for, the phishing attempts are often sent to business email addresses.
The emails often contain a link to malicious websites that look like an official website. For example, the domain may be a very similar variation of the official domain name. Think of paypa1.com instead of paypal.com. The email could say the user’s password is about to expire. They may ask you to "reenter" your login credentials, then use it to hijack the account, steal money, commit fraud, or spam other users.
Common Signs of a Phishing Attempt
As scary as this sounds, it is not impossible to identify phishing attempts. It is not even that hard if you know what you're looking for. Common indicators of a phishing attempt include:
An Unfamiliar Tone or Greeting
Let's say you get an email from Google that says "Dearest Person, please reenter your contact information." That would be odd, right? Google would never begin a professional email that way. If the beginning of an email seems strange, it’s worth looking for other indicators that this could be a phishing email.
Grammar and Spelling Errors
Speaking of other indicators, both bad spelling and grammatical mistakes are key signs of a phishing attempt. Those “errors” are not mistakes at all! The reason for this is because they want only people who will go all the way with their data breaches. The scammer wants people who will ultimately fall prey to the scam, and someone who will begin the scam and then get wise and back out is a waste of their time.
A Sense of Urgency
Another common tactic is to use a sense of urgency to coerce immediate action. This is done in the hopes of flustering the email receiver. The cyber criminal thinks that by reading the email in haste, the reader may not take the time to examine the message carefully and so warning signs may pass undetected.
If an email with an attached file is received out of the blue or from an unfamiliar source, the attachment should be treated with caution. If the attached file has an extension commonly associated with malware downloads, recipients should flag the file to be virus-scanned before opening. Extensions known to contain ransomware attacks include.zip, .exe, and .scr.
Avoid Phishing Attacks Today
The list above is only the beginning. As companies across the globe grow wiser against phishing message attempts, so too do the cyber criminals. Cyber security should be a main focus for all companies, large and small. In order to keep up the fight against data breaches, bring in Next I.T. Next I.T. can dramatically reduce your chance of suffering a severe breach. We specialize in the cyber security you need to keep cyber criminals at bay!