Email phishing is a common strategy used by cyber criminals to gain access to personal data, which in turn grants them access to secure accounts. For example, a phishing email may attempt to collect your passwords, or it may focus more on your answers to possible security questions that will allow the criminals to thwart two-step authentication.
These phishing attempts are devastating when successful, and no one is safe. Both individuals and companies are targeted in an attempt to collect this information. However, many companies stand to lose more; it takes time to repair systems and get back to their normal operations after a phishing attack. Here are signs employers and their team members can watch out for to maintain their Utah email security solutions.
An Unusual Email Address
Most email providers allow you to create a display name that is more prominently featured than your email address on outgoing messages. Some cyber criminals take advantage of this feature by changing their display name to the name of a trusted company, like Microsoft, or to the name of another individual that works at your company. If you receive an email that claims to be from “Joe Smith,” one of your coworkers, and he is asking for your password to your shared cloud storage, always check the actual email address the message was sent from. If it’s clearly not a company email, or if a supposed “Microsoft” email is actually coming from a Gmail address, it’s a pretty good indicator that the person is not who they claim to be.
Asking for Sensitive Information Through Email
It’s uncommon for a company to ask an individual for sensitive information in the form of an email response. This should be a huge red flag that you may be the victim of a phishing attempt. For example, American Express would never send an email asking you to respond with the password for your online account. If you do receive an email like this, use the existing phone number or website address you have for American Express to get into contact with an official representative and ensure that the communication is authentic.
Not all phishing attempts will request that you respond with private information. Many attempts will ask you to click on a link to be taken to another page or even to call a number and provide your information over the phone. Again, it pays to check these websites and phone numbers against the official contact information you have for the company. If you are directed to a website that looks suspicious, do not enter any information such as your password, address, or the answer to any of your security questions.
The Threat of Consequences
Phishers will often attempt to intimidate victims into doing what they want by threatening a severe negative consequence if they do not provide certain information. For example, if you get an email that threatens that your account will be deactivated unless you log in to their website immediately, consider why this would even be necessary. If nothing unusual has happened to your online account and you have not been aware of any changes the company has made to its services, it is reasonable to think that these claims are false.
Phishing attempts are also often rushed and give the victim only a short time to act before they will suffer this dire consequence. Criminals use this tactic so their victims feel that they must make a quick decision about whether or not to share their information. They do not want you to feel that you have time to speak with your employer, coworker, or the supposed third party sending the email because they fear they will be stopped before they can gain access to your accounts. Don’t allow yourself to feel rushed, especially if you have a gut feeling that the request is not legitimate.
If employees remember these common signs of phishing and apply them to suspicious emails, they are much more likely to keep your accounts and your company’s data safe. INTELITECHS offers both Utah email management services and employee IT security training for business owners in Utah who have concerns about keeping their company safe against phishing attempts. Contact us with any questions you have about comprehensive email security for Utah small businesses.