How to Prevent Phishing Attacks: Best Practices for Your Employees

Phishing attacks have gotten more commonplace, while gaining more sophistication, over the years. Here are a few ways to help you & your team easily spot a phishing email:

• Check The Sender's Email Domain

The domain name should match the name of the organization the email comes from. For example, you may be expecting an email from "Bob@company.com", but instead you receive an email from "Bob@compamy.com". It’s something that can be easily missed, but should be the first thing you check if you are suspicious about an email.

• Links In Email Don't Match Sender's Domain:

Most legitimate requests will not often send users to a different site from the sender's domain. Always make sure to hover your mouse over the link to see where it is taking you before actually clicking on it.

• Generic Greeting Or Verbiage

If it is a mass phishing attempt, generic terms like ‘Dear Customer’ or ‘Greetings Account Holder’ will be used. In more targeted, spear phishing attempts, more specific greetings tend to be used.

• Uncharacteristic Sense of Urgency

Phishing emails usually try to imply a false sense of urgency in the subject line or body of the email. Using words like URGENT, or ‘You have 24 hours to respond or x will happen’. Very rarely, if ever, are they tied to a real threat.

Follow our blog for more expert insight into Cyber Security. Thinking you need more help keeping your data secure? Get started with us today!