The strongest of cyber security protections are no match for a well written “phishing” email.
A phishing email is a technique used to acquire sensitive information such as bank account numbers, passwords, etc. through your email. These emails enable cyber thieves to circumvent firewalls, filters, and antivirus software, so it is critical that your employees know how to stop a suspicious email.
Here are 4 common types of phishing emails that you should never open:
One of the most common types of emails is one that will appear to be from your bank, the IRS, or some other government authoritative agency. A good rule of thumb to follow is: delete any email from a person, business, or agency that you don’t know.
Typically, these types of agencies send a letter if there is any important updates with your account or, they can call you directly. If you want to verify the email by calling, visit the website directly and avoid clicking on any links in the email as phishing can be done through hidden website links that will lead to a fictitious website designed to steal your information.
DELETE any email that you receive requesting that you verify your username, password, or bank account number. Instead, go directly to the website or app and update your information.
Look for typos or grammatical errors in the subject line or body of the email. Most phishing e-mails are sent from overseas by people who do not speak or write good English. It is also another sign that the web address of the company has been spoofed and they changed one or two letters in an attempt to trick someone into clicking a link.
Opening an attachment (or clicking a link) in an email from a person or company that you don’t know is generally an unsafe practice. This includes (but is not limited to): PDF’s, zip files, music and video files, and word or excel files. Anything referencing an unpaid invoice or an “accounting file” (this tactic is used by hackers to get people in the accounting department to open e-mails).
To be frank, any file could carry a virus, so it’s best practice to be certain who sent the email before opening the file. The few moments that it would take to verify the sender before opening is less than the time and money you will spend recovering from data loss and network downtime.