When it comes to Email Phishing, Small Business Email Phishing prevention starts with awareness. No matter how secure we make your network and systems, you and your employees can still invite a hacker in if you click on a link or open an attachment in an e-mail sent by a cybercriminal. Some spam is obvious (can you say, “Viagra at a discount”?) but others are VERY cleverly designed to sneak past all the filters and trick the recipient into opening the door. Known as a “phishing” e-mail, this still is the #1 way hackers circumvent firewalls, filters and antivirus, so it’s critical that you and your employees know how to spot a threatening e-mail. Here are four types of e-mail ploys you should be on high alert for.
The Authority E-mail. The most common phishing e-mails are ones impersonating your bank, the IRS or some authority figure. The rule of thumb is this: ANY e-mail that comes in where 1) you don’t PERSONALLY know the sender, including e-mails from the IRS, Microsoft or your “bank,” and 2) asks you to “verify” your account should be deleted. Remember, ANY important notification will be sent via old-fashioned snail mail. If it’s important, they can call you. In the event that you feel the email may be legitimate, simply close the email you received and visit the website of the entity or business that the email was allegedly from and look to perform the same task they requested in the email, directly on that providers website instead.
The “Account Verification” E-mail. Any e-mail that asks you to verify your password, bank information or login credentials, OR to update your account information, should be ignored. No legitimate vendor sends e-mails asking for this; they will simply ask you upon logging in to update or verify your information if that’s necessary.
The Typo E-mail. Another big warning sign is typos. E-mails coming from overseas (which is where most of these attacks come from) are written by people who do not speak or write English well. Therefore, if there are obvious typos or grammar mistakes, delete it.
The Zip File, PDF Or Invoice Attachment. Unless you specifically KNOW the sender of an e-mail, never, ever open an attachment. That includes PDFs, zip files, music and video files and anything referencing an unpaid invoice or accounting file (many hackers use this to get people in accounting departments to open e-mails). Of course, ANY file can carry a virus, so better to delete it than be sorry. For some specific examples of these types of threats and more, take a look at Small Business Trends recent write up on 10 examples of Phishing emails that targeted Small businesses.
Superior Solutions specializes in Small Business IT Support in Atlanta. For more information on how to prevent email phishing attacks and the potential damage that can result, please our firms website or contact our support desk directly!