How You Can Prevent Phishing Attacks

This article is sponsored by Les Olson Company, Your Office Technology Partner. Don’t let Phishing compromise your sensitive data and information. Get the expert technical support your business needs with Managed I.T. Services from Les Olson Company.

---

I.T. Security

On this episode of I.T. Security, John Huston with the I.T. Services Department at Les Olson Company talks with host Ethan Millard about how to avoid phishing attacks. Phishing often happens through emails designed to trick you into providing personal information. If you think you’re too smart to fall for an email like this, you might be surprised. It’s not just the blatantly suspicious emails in broken English. These emails can look very legitimate, sometimes appearing to be from a bank, or some other organization you actually have dealings with. Don’t get tricked. Learn the signs that make an email “phishy”.

What is Phishing?

Hey, @Apple, I received this email today, I assume it’s a hack, if it is I want to warn others to be cautious! #fraud #phishingattempt pic.twitter.com/I7zqszKwTG

— missing my 15 minutes. (@originalgirl77) November 1, 2017

Phishing is an attempt to either gain and exploit your sensitive information or get you to click on a file or link containing malware or ransomware. Phishing usually happens through email, but can also be done through messaging apps, social media, and even the old fashioned way… the phone. These emails can be very sophisticated, using basic psychology to trick unsuspecting people into providing all kinds of information. While it can be quite easy to fall for these emails, there are some tell-tale signs that everyone should learn how to spot.

With 93% of Phishing emails also containing ransomware, this is a huge problem that you have to be diligent about.

What Can You Do About Phishing?

First, look who’s sending the email. Any email could potentially be a phishing attempt, and these emails can even appear to be from an individual or organization you personally know. It’s important to consider the context in these situations. Are you expecting to be contacted by this person? Do you have the type of relationship where they would send you files? It doesn’t hurt to be cautious and reply to their email asking them what the attachment is about.

You should also look out for creative misspellings; extra letters in email addresses or hyperlinks designed to dupe you. They are counting on your brain to simply overlook these slight differences in spelling. Additionally, if the subject line, name or greeting is generic, that is a great clue that this email wasn’t intended specifically for you. These bad actors like to cast a wide net, hoping someone will fall for their trickery. Be sure to avoid urgent email traps, in which the sender asks you to respond immediately. They are counting on you feeling the urge to act quickly and without thinking too much about it. Lastly, never provide ANY personal information through an email, over the phone, or on a website you’re directed to. A real financial institution, hospital, government agency, etc. will NEVER reach out to you asking for things like your account number or social security number. These are things they should already have if they are legitimately associated with you. Remember, when in doubt, simply pick up the phone and call the person or institution you’ve supposedly received the email from. It’s always better safe than sorry.

If You Fell for It

Les Olson Company offers proactive with training for organizations to educate their employees about specific threats such as suspicious emails, credential harvesting, password strength, and regulatory compliance with interactive training modules. Les Olson Company can even send simulated Phishing emails to your employees that emulate a range of phishing attack types to help you identify areas of weakness, and empower users through engaging training to strengthen your organization’s defenses. Contact Les Olson Company for a free vulnerability assessment.