Protecting Your Business from Phishing Scams

Would you ever hand out your username and password to a stranger? How about lending your credit card to a passerby on the street? Probably not, on all accounts. Then you should be taking precautions to safeguard your company from phishing scams as well.

What are Phishing Scams?

Email phishing scams are an attempt by a malicious person to infiltrate your system and acquire your usernames, passwords, and sometimes even credit card details. Unfortunately, these scams are fairly common. In fact, according to Alert Logic, studies show that “76% of organizations say they experienced phishing attacks. And by the end of 2017, the average user was receiving 16 malicious emails per month.”

The report shows that phishing scams, of all types, are increasing in number. These scams do not discriminate: they attack both large and small businesses equally. Attack methods are also becoming more sophisticated as attackers hone their skills.

How are these Attacks Disguised?

Phishing emails can come in all sorts of packages, but according to Symantec's 2018 Internet Security Threat Report, there are some more common than others when it comes to distributing malware. For example, the most common disguises include fake invoices that can be easily opened unless you know what you are looking for. In addition, other disguises include an email delivery failure notification, legal/law enforcement emails, scanned documents, Dropbox file sharing lures, and package delivery.

What are Red Flags of an Email Phishing Scam?

Email phishing scams often look real and can be deceivingly easy to open accidentally. Knowing the signs of what to look for are critical, especially for employees who deal with hundreds of emails daily from vendors, clients, and fellow employees. Some of the most common red flags include emails that: have grammatical or spelling errors in the subject line or in your name, use scare tactics that say you “Better Act Now,” come from a source you do not recognize and most certainly, emails that have links, downloads or attachments.

In addition to being aware of email subject lines, be careful when giving out personal or sensitive information via email. If your bank has contacted you regarding your password, login, social security number, or other identifiable information, confirm with the company first before replying. Use the phone number on your bill or directly from the authorized website, not from the email you just received.

All users should be aware and wary of emails that seem “phishy” in any way. We suggest enabling two-factor authentication to secure your logins, as well as choosing your email provider carefully. Some providers have better methods of weeding out scams than others.

How often do you come across questionable emails? Once a day? Multiple times? If your company needs help with security and protection from a variety of malware and potential hacking attacks, contact Spectra Networks today. We can evaluate your system and prepare a solution for your needs. Call us at 978.219.9752 or visit our website.