Much like the shiny lures fishermen use to attract their prey, cybercriminals use email attachments or links to try to get you to click through to malicious content. Often using cheap scare tactics, phishing scams will try to induce a quick, panicked response by making you feel like you have something to lose by not clicking on the link. The instant you click, you open yourself up to malware attacks that can cost you financially, technologically, reputationally, and it will definitely eat up time to reverse the damage that was enacted on your device (if you are able to reverse it at all).
According to Symantec, one out of every 131 emails contained malware in 2016. With an estimated 215.3 billion emails sent per day, that’s a pretty substantial amount of malicious emails floating around. This was also a huge increase compared to the 1 in 220 emails containing malware in 2015 and is expected to increase as the data is collected for this year. The sheer enormity of this criminal industry can be overwhelming, but there are plenty of precautions you can take to keep yourself and your business safe from phishing scams.
- Look at who the email is from. Are you expecting an email from this person? If not, ask them directly what the email is in reference to. Also make sure their email address and the email message are void of spelling mistakes. (Additionally, make sure to take a look at who the email was sent to. If you are cc’d on an email with a bunch of people you don’t know, this is also a red flag.)
- Beware of generic greetings. If an email avoids using your name, but is sent directly to you, this may be a sign that the exact same message was sent to a broad spectrum of people in order to increase the scammer's chances of getting a bite.
- Ignore scare tactics. If the email seems like it's trying to scare you into taking immediate action, it’s trying to make you click before you think. Prior to clicking links or attachments in an email, take a second to think about what the sender could be trying to accomplish.
- Do not give out personal information. Keep in mind that reputable organizations are not going to email you and ask for your password or social security number. If you receive an email from someone like your bank claiming fraudulent charges have been made, but you are unsure if the email is legitimate, find a publicly published number for your bank and call them directly about the issue. Do not call the phone number they have listed in the potentially fraudulent email.
- If it sounds too good to be true, it is. Beware of offers or deals that seem too good to be true. Especially when coming from a place you have not heard of, or never signed up to receive email notifications for.
- Check the links. You can hover over a link in an email (or click and hold the linked text on a mobile device) to view the url destination of the link. If the url doesn’t go where it says it will take you, do not click it. Another red flag to look for when checking a url, is an unsecured web link (if the link starts with just http instead of https).
The biggest thing to keep in mind is to not click links or act on an email out of habit. If something doesn't feel right, investigate a little further. It is worth a little extra time to prevent you from falling into a trap. Take a few minutes each week to learn a little bit more on how to keep yourself safe online. With the growing number of cyber criminals, the stakes are becoming too high to not know how to keep yourself safe. If you have any questions, feel free to reach out to us at firstname.lastname@example.org or by phone at 402.398.9580. We would love to be a resource for you.
https://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive-Summary.pdfCopyright: aldorado10 / 123RF Stock Photo