Fishing – a jerk on one end of a line waiting for a jerk on the other end. Phishing – very similar to fishing, but much more consequential.
While the word phishing is humorous and relatable due to it being derived from the word “fishing”, the consequences of falling victim to a phishing attack are far from comical. Today we will discuss just how serious these attacks can be, and the easiest way to prevent them.
You are the only thing that can truly protect you from a phishing attack. Without participation, it simply is a phishing attempt. Hackers are always looking for clever ways to fool their potential victims, so can you trust your employees to recognize the telltale signs of a phishing attempt?
Habitual Efforts to Foil Phishers
Learning to do things the correct way is a lot easier than breaking a habit. Here are a few habits you can train your staff to do to recognize and avoid phishing attempts:
Check Links BEFORE Opening Them
Getting in the habit of clicking links without checking the URL is an all-too-common mistake amongst staff. If you receive a link and want to know where it will take you, all you have to do is hover over it. If you aren’t able to see the link, or the entire link, you can also right click it and copy the address it will take you to. From there you can paste it into a notepad and further examine it.
While a trained eye can detect a phishing attempt, some phishers cleverly disguise their links.
Learn How to Spot Phishing Links
If your eye is untrained, and you aren’t able to identify the legitimacy of these two links, WheelHouse IT is here to help.
Which of those two links would you confidently click on? Hopefully you said the first one. The tell-tale sign that a URL is coming from a fraudulent website is there will be a “dot” after the domain. The domain (example.com, example.net) is typically read as example dot com. So, if you see a link that says example dot com dot something, the link is more than likely a phishing attempt. If you aren’t entirely sure, your best bet is to avoid the link entirely.
Another method phishers will often use is slight alterations in domain names. Our minds are trained to read words even when the “in between” characters are incorrect, or characters are in the wrong order. As long as the first letter and last letter are correct, typically we can make out the words without issue.
Don’t believe me? Quickly skim through this list:
Did you notice the incorrect link right away? If not, take a closer look. This simple practice is used by phishers with great results.
Emotions Lead to Phishing Vulnerability
Becoming a victim of a phishing attempt is easier than you might think. Once emotions are involved, instincts often kick in and result in an easy hookset. Let’s take a look at a few scenarios.
“Congratulations! You have won a free iPad!”
If you are lucky enough to win an item for absolutely no reason, chances are you are unlucky enough to fall victim to a phishing attempt too. Avoid these links at all costs.
“You have been issued with a driver’s violation:
Amount due: $143
This fee will be forwarded by mail to your address. However, you can screen it now by pressing here: DMV Notification”
This one is more difficult to recognize, and frustration can easily get in the way of habitual email awareness. It is important to train your staff to recognize all different types of attempts. Examples are the easiest way for your staff to understand just how easy it is to fall victim. Here at WheelHouse IT, we encourage safe email practices. If you would like other tips on how to keep your business safe, call us today at (877) 771-2384.