As cyber crime continues to be one of the most serious risks to businesses, attackers are always devising new ways to breach cyber security. Phishing emails and hacked email accounts are becoming more widespread, especially those with the ability to modify bank data in order to intercept payments. These attacks’ authenticity and actual intellect are becoming more apparent. We have put together 10 top tips to help you identify suspicious emails:
1. Do not trust the display name
Always check the email address to authenticate the sender, even if the email appears to originate from a name you know or recognize. Hovering over the display name or right-clicking and seeing properties will do the trick.
2. Read the email but do not click
You may inspect links in an email by hovering your cursor over them. You may also copy the hyperlink and paste it into a document to see the entire link. Do not click it if it appears weird or does not match the text in the email.
3. Do not open attachments
Although the email may make the file appear essential, attachments are frequently malware masquerading as legitimate papers. Be especially wary of emails that appear to be automated and include an invoice attachment. Always check with the supplier before opening an invoice if you haven’t received one previously.
4. How is the email addressed?
Is the email expressly addressed to you, or is the address ambiguous? Phishing emails are more likely to be impersonal, using salutations like Dear Trusted Customer instead of your name.
5. Are your personal details being requested?
An email request for personal information from a legitimate company is exceedingly improbable. Banks and financial organizations, for example, will never ask for such information by email.
6. Beware of time pressures
Phishing emails can make it appear as if there is a sense of urgency in order to persuade you to act quickly. It is unusual for a legitimate company to initiate contact via email with such a short deadline. Attackers use urgency to confuse receivers, who are less likely to check details if they are worried about missing a deadline.
7. Check the signature
At the bottom of most authentic emails, there will be a signature block and a legal disclaimer. Fraudulent emails may lack a signature block or have a signature block that does not match the company style.
8. Check spelling and grammar
Phishing emails frequently contain spelling and grammatical problems that would not be found in a legitimate email. If the email has a tone that is different from previous messages from that source, double-check before acting.
9. Do not believe everything you see
It’s possible that the email is too good to be true or a touch weird. Attackers will use devious approaches to persuade you to reveal personal or financial information. It is usually a good idea to have an email verified if you were not expecting it or if it differs from previous emails sent by that person.
10. When in doubt contact your administrator
If an email raises any of the aforementioned concerns, it’s always better to contact your administrator to double-check before putting the company at danger.
These recommendations do not guarantee that phishing emails will not be effective, but the more you are aware of the areas to look for, the more likely you will be to spot them.
Additional cyber security and staff training are two further areas that can be leveraged to assist protect your company from phishing and hacked emails. If you’d like to learn more about how DewCIS Solutions can help you stay safer online, call +254 (20) 222 7100 or email email@example.com