Phishing emails remain a popular method cyber criminals use to coerce users out of sensitive account information or to inject malicious code on a user’s machine. Individuals fall for phishing scams each day, leading to identity theft, security breaches, and exposure of confidential business data. According to the Anti-Phishing Work Group, 2016 was a record year for phishing attempts and the trend is expected to continue in 2017. Here are a few tips on how anyone can avoid phishing emails and not become the victim of corruption.
- Most, if not all institutions, would never ask for your personal information via email. If you receive an email asking for usernames, passwords, or personal/company data (i.e., account numbers), you should immediately question its legitimacy.
- If you don’t recognize or if you weren’t expecting something from the sender, exercise caution. Often, phishing emails may come from sources you don’t know; however, in many cases, the sender may have masked their email address so that it appears to come from an organization or individual you are familiar with.
- Pay close attention to the sender’s email address. This is normally a sure-fire way of spotting a phishing attempt. If the contents of the email appear to come from a known source (i.e., PayPal), but the sender address is @gmail.com, it’s undoubtedly a phishing email.
- Pay close attention to any links in the email. In most cases, the links may appear genuine; however, if you hover your mouse over the link (do not click on it), a tooltip will appear showing you the actual URL. If the URL is different from the link in the email, it’s not an authentic message.
So, what do you do if you’re not sure? Phishing emails can often be very convincing, so if you suspect a message is phishing, but have doubts…
- Try contacting the alleged sender directly (not using any links or phone numbers provided in the email). They can typically confirm whether the email is legitimate or a scam.
- Try contacting your organization’s IT department for assistance as they may be able to assist with investigating the email to determine if it is genuine.
Essentially, it is always best to err on the side of caution and be mindful of each email you receive. As a rule of thumb, never respond to or open attachments in an email unless you are certain it is legitimate. By doing so, you can better protect you and your organization’s confidential data. Please contact us with any questions.