You probably roll your eyes every time you get an email from a Nigerian prince, asking you to transfer $25,000 to their bank account. Isn’t it also amazing (and highly coincidental) how you win the lottery from a foreign country on a weekly basis?
While the above scenarios may be obvious as a scam to some, around 90% of all data breaches come from phishing.
Phishing is when an attacker sends out a message or email asking the recipient to provide some type of secure information. It can often be used to deploy software that leads to an attack to hold the company hostage for ransom.
CISCO reports at least one person clicks on a phishing link in 86% of organizations.
So really, a phishing attempt might not be as obvious as you think. And even if you catch it, what about ALL the employees at your company? Would they be able to decipher the difference between a phishing email and a normal email? All it takes is one click on one email to unleash a data attack in your business, which in some cases, may cause you to have to close your doors.
These are the top four signs you (and your employees) should look for in any email that you don’t recognize.
- Unusual requests. Maybe you're being asked to send a gift card or to text them with information. Pay particular attention to those that seem to originate from your organization. Is it a request from your manager or coworker and with language they wouldn’t normally use?
- Grammatical or spelling errors. Is punctuation missing? Do you see terms made plural when they should be singular and vice versa?
- If the domain name and email address don’t match each other. You’ll also want to pay attention when it does seem like it comes from within your organization. Always check the original email address to make sure it’s not “spoofed.”
- You’ll notice this more in the subject line, with words like “urgent,” “immediate action,” “attention” or “important.” These are often tied to content like a “problem with your order” and come from a retailer or online pay portal. Did you order something within the last 10 minutes? If not, be very wary. Check the domain, check your bank or credit card first. Be aware of these terms when you are sending out emails also.
If your current IT company falls short on continually educating and training your employees, doesn’t quickly follow up on your requests, and takes forever to call you back, we can help.
Do you know that your current IT provider has you covered even if you suffer from a phishing attack? Schedule a call with us to get a third-party validation of your current network to MAKE SURE you’re being properly protected. Click here to schedule a quick call today https://www.alcalaconsulting.com.