Our last two blogs examined a Security Model which just about any business entity can implement. It consists of two distinct components, and it can be diagrammed as follows:
Great Security = Technology + Human Vigilance
To recap, Technology refers to the use of the proper tools such as anti-virus software, Routers, Firewalls, Network Intrusion Devices, etc. Human Vigilance refers to the fact that your IT staff must be mentally alert of any Cyber related threats which are incoming to your business. This also means that they need to be aware of the overall threat landscape which is hitting upon your specific industry.
With this now in mind, we now return to a topic of the threats that are out there. One of the oldest ones is that of the “Phishing” email. This kind of threat has actually existed for a very long period of time, but did not actually take root until the last decade as the use of email as the primary means of communications greatly proliferated.
Sure, we get Phishing emails all the time, and fortunately, most of those simply get thrown automatically into our Spam Folder. But, given the sophistication of the Cyber attacker today, there are some that still get through into our inbox, and are so deceptive that we can still fall prey. But, the good news is that even despite this, there are telltale signs of what a Phishing email looks like, and what it contains. So here we go:
- There is improper spelling in the email message:
When most corporations and businesses send out legitimate emails, they take the time to proofread and edit to make sure that there are no grammatical or spelling mistakes. But this is not the case in Phishing emails. For example, instead of saying “Dear Financial Customer”, it will say something like “Deer Phinansial Costumer”.
- The hyperlinks in the email are different:
Phishing e-mails are notorious for having tons of hyperlinks, and having the wrong ones. Take for example:
When you hover your mouse pointer over it, it should say “cnn.com”. But in Phishing emails, the link will be different. So instead of saying cnn.com, it will say something like “cnbc.com”. Always carry out this test if you suspect you have received a Phishing E-Mail. If the hyperlinks are different, then you can be assured that you have indeed received a Phishing email.
- You will be prompted to take immediate action:
Phishing emails are notorious for having a ton of Call to Actions (CTAs) in their body of their email messages. But it usually instead of prompting you to buy something, the Phishing email preys upon your fears by stating that there has been fraudulent activity in your bank account or that it has been closed. If you see this kind of email, never respond to it. Instead, attempt to log into your account to see if it has been closed or there has been any fraudulent activity. As an extra precaution, always contact your financial institution if you still have any doubts.
We will continue the theme on what to look out for in the next blog.