Your Security – Email Phishing

That email you received didn’t look quite right. What is it that’s wrong?

  • Was it from a sender you recognize, but with errors you wouldn’t expect?
  • Was it from someone you know but is asking you something unusual?
  • Does it have grammar or spelling errors?
  • Is it a request for money or a wire transfer?
  • Is it a notice that you are to be GIVEN money, or that someone is sending you money?

All of these are typical signs that the email is NOT legitimate. Hackers and criminals are smart and always find ways to get their emails through the security systems of your business. The anti-virus, anti-spam, and anti-phishing programs you have in place may miss a new email that is being sent around. So you have to be diligent and watch out for these attempts.

What to do?

  • When in doubt, call your IT professional
  • Never click on a link you don’t know is safe
  • Never open an attachment you don’t know is safe; if you do open one in error, make sure you do not activate or enable macros in the document.
  • If you know how, check the LINKS (without clicking on them). Learn how a domain should look. www.paypal.com is correct; www.paypal.getyourmoney.com is not, because the site it actually belongs to is getyourmoney.com.
  • Always make sure your anti-virus or other security software is up to date and running

What are Phishing emails?

Phishing is the term for a personal-looking email sent to an individual in an attempt to gather personal information (usernames, passwords, or other), gain access to your system, or get money from you. SPAM is email that is sent out in bulk to several hundreds or thousands of people. This is usually things like shopping ads. Phishing is more nefarious and is directed more personally so that it appears legitimate. Spear-phishing is where the sender has specific and personal information that they use in the email to give it even more legitimacy. These are usually directed to the accountant of an organization from what ‘appears’ to be an executive or boss asking for an immediate wire transfer. It is always best to verbally confirm these requests or, if these types of requests are common, to develop a standard operating procedure that makes use of a code word or specially formatted email to add protection.