Blog

Tip of the Week: 5 Ways to Easily Identify a Phishing Attack

Tip of the Week: 5 Ways to Easily Identify a Phishing Attack

If you’ve been reading this blog for any length of time, you’ve seen us reference a phishing attack. Whether you are being asked by some supposed Nigerian prince to fork over money or you are getting an email by what seems to be your bank that directs you to download an attachment, you are probably a potential victim of a phishing scam. The difference between being a potential victim and a victim is knowing how to identify it. Today, we’ll give you five ways to identify a phishing message so that you—or your company—won’t be scammed.

#1 - Urgency

When you get an email and the verbiage is such that it immediately makes you panic a little, you are probably dealing with a phishing attempt. Email is a really useful tool for businesses and individuals alike, but it typically isn’t the medium where someone is going to give you news that will make your anxiety spike. The message can come from many different directions, but if its tone is one where it makes you think you have to act immediately, you should calm down and verify the message with a call or text. 

#2 - Attachments

Again, email is useful for interpersonal communication, but unless you are expecting an email, or you know exactly who is sending you a message, you should never click on an attachment. This goes double if it is from a financial institution. No reputable bank is going to send you a downloadable attachment unless you are in direct communication with them. Even then, these organizations have secure apps for these types of transactions. Do yourself a favor and don’t download attachments from emails unless you know exactly what the attachment is.

#3 - Spelling and Grammar Errors

Let me ask you this: In the course of doing business, when corresponding with people outside your organization, do you send emails with gratuitous spelling and error problems? No? That’s because you don’t want the recipient to be put off by your handle of the language. Phishing emails tend to be written by people whose first language isn’t English and they tend to make terrible spelling and grammar mistakes. If you are getting an email from your bank, but the content of the message is riddled with typos, you are dealing with a phishing email.

#4 - Your Personal Information

Any email that is sent to you that asks for personal information should be met with caution. Even if it looks authentic, when the email directs you to provide information that you don’t feel comfortable giving out—like a credit card number or your social security number—you’re almost always dealing with a scammer. If an organization needs your personal information, it will create an interface that will allow you to securely provide that information. They can’t afford not to.

#5 - Addresses Aren’t Legitimate

Finally, one of the telltale signs that you are being phished is the legitimacy of the links and addresses in the message itself. Firstly, you should be suspect of links in unsolicited emails anyway, but to be sure, you can mouse-over any links. If you don’t immediately recognize the web address, don’t click on the link. As far as email addresses go, it can often be difficult to tell if an email address is legitimate or not. One rule of thumb, if there is more than one period in the address, don’t click on it. It may be legitimate, but investigating it takes seconds and can help you avoid a lot of headaches. 

Here’s a quick, short guide to help you and your staff:

  1. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    • a. paypal.com - Safe
    • b. paypal.com/activatecard - Safe
    • c. business.paypal.com - Safe
    • d. business.paypal.com/retail - Safe
    • e. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)
    • f. paypal.com.activatecard.net/secure - Suspicious!
  2. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  3. Check the email in the header. An email from Amazon wouldn’t come in as . Do a quick Google search for the email address to see if it is legitimate.
  4. Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious.
  5. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious. 

We hope that this short guide helps you avoid clicking on phishing attacks as they can have devastating and adverse effects on your computer, your network, and your business. For more great tips and tricks, return to our blog regularly. If you want to talk about how best to train your staff about phishing attacks, call us today at 603-889-0800.

Related Posts

Cybersecurity has changed considerably since 2017, and any business that wants to survive in the evolving online environment needs to consider how they are protecting their assets. We want to take a look at precisely how cybersecurity has changed sin...
Security is one of the most important parts of running a business, especially today when organizations rely so heavily on their technology solutions. Some of the most dangerous threats lurk on a business’s network, watching and waiting for an opportu...
Cybersecurity is one of the most talked about problems facing the modern business. This is because cybercrime has increased precipitously while businesses have moved more of their processes onto the computer. Planning how to protect your business’ cr...
Even the most innocent Internet user can fall victim to the stray hacking attack, and it’s all thanks to the manner in which malware reverse-engineers software. This process is how a hacker finds vulnerabilities in software. However, a new security c...
Databases are exceptionally useful for allowing access to important data, but they by default expose data to risks depending on how they are stored. If a database is stored in the cloud, for example, it could potentially be exposed to threats that pu...
Security has never been easy for any business that deals with sensitive information. Nowadays, even a small business that uses an Internet connection has to worry about hackers and malware of all types. This is especially problematic for small health...
The online world is a scary place. Viruses, malware, spyware, adware, and more are all out there trying to get at your network. These threats are almost always prevalent, but compared to each other, some are vastly superior and far more dangerous and...
For many Windows users, the fact that Microsoft is issuing Windows 10 incrementally came as a shock for those who patiently waited for its release date. While users wait, however, hackers are taking advantage of those who are less patient by creating...
One minute you’re browsing trusted sites on the Internet, the next, your PC freezes up and displays the dreaded blue screen of death, along with a fake tech support message. This strain of malware is duping plenty of computer users into calling the p...
While security experts tend to focus the brunt of their discussions on desktop OS vulnerabilities, there are plenty of mobile malware threats that fly under the radar. One such malware is called Hummer; a trojan that installs unwanted apps and malwar...
The Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive concerning a critical exploit known as Zerologon, that affects servers running Windows Server operating systems that needs to get patched as soon as possi...
One of the latest vulnerabilities in open-source software can be found in 7zip, a file archiver and decompresser. 7zip has been found to have several security vulnerabilities which have software developers rushing to fix their products. The damage do...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions