Know Thy Enemy: Warning Signs of Phishing

Four Variables of Phishing

Before we outline the four things you should be looking for to identify a phishing message, we wanted to say that these attacks can happen over any type of communication. You can just as easily be phished over the phone or through the mail as you can over email or through instant message. Most phishing messages are delivered through email, but they can come from any direction. 

Let?s go through four variables of a phishing message:

#1 – There is a Real Sense of Urgency

While a lot of the messages that we get in business are demanding, there is something extraordinary about a phishing message. Essentially, phishing messages will urge the reader to take immediate action. This action could be in the form of clicking on links, downloading attachments, or giving over credentials that the hacker will then use to infiltrate organizational computing networks and steal data, deploy malware, or other negative situations.  

#2 – Poor Grammar and Spelling

Many of these messages are created with the notion that the reader will be fooled by the overall legitimacy of the message. Many times they are sent as being from financial institutions or insurance companies. Typically, however, there are signs within the message itself that can signal its illegitimacy. Variables like misspelled words, poor use of grammar, and other red flags can tip users that the message is not legitimate. 

#3 – The Domain Is Not Right

When someone sends an official email from a business, typically the domain name of the email address that is sending the email will represent the organization that the message is coming from. If the address doesn?t come from the organization that is sending the message, that is a giant red flag. Most reputable organizations pay good money to host their own domain and if the address you are getting a message from doesn?t represent that, you have to believe that it is a scam. 

#4 – Suspicious Aura of the Message

You know the type of messages that you typically get. If a message you receive doesn?t meet the criteria of ?normal? you, at the very least, need to verify with the presumed sender of the message that it is legitimate. If it feels off, it probably is. Make sure you get this confirmation through a different means of communication.

Phishing messages are the most common way that hackers gain access to systems and deliver malware. As a result, you need to make sure that your staff is thoroughly trained on what variables to look for so they don?t put your whole organization in danger. For more information about phishing or to get some help implementing a training strategy at your place of business, give the IT professionals at White Mountain IT Services a call today at (603) 889-0800.

White Mountain IT

Related Posts

Tip of the Week: Worried About Phishing? Use the SLAM Method

So, what is the SLAM method? The SLAM Method is a Simple Practice to Help Spot Phishing The SLAM method is a framework to help keep phishing prevention practices in mind. Sender: Who supposedly sent the message? Check the email address to make sure the address matches the supposed sender, with no misspellings or suspicious URLs. Links: Before clicking on any links, make sure you hover over...

Tip of the Week: Three Practices to Reduce Consternation About Your Technology

Technology plays a massive role for most organizations nowadays, and not everyone always grasps the importance of it. Most of the time, there is so much built into today’s enterprise software that it can often be overwhelming for workers to use it effectively. Today, we will give you three tips on how to help employees get a grasp of the technology their productivity depends on. Help Them Under...

Are Your Recovery Expectations Lined Up with Your Capabilities?

Let?s discuss the different perspectives to take into account as you establish your RTO and RPO standards. RTO and RPO Establish Where the Point of No Return Lies Just to contextualize what we mean when we reference your recovery time objective and recovery point objective, these metrics describe the worst-case scenario that you could still operate within. When it comes to your RTO, it is how lo...

Tip of the Week: Creating Google Forms that Auto-Populate Google Sheets

There are several reasons to use a form to collect data for your business, from customer impressions and service needs to employee feedback about internal matters as a means of collaborative decision-making. The trouble comes when it is time to compile all the responses… unless you know how to use the tools at your disposal. For this week’s tip, we’re walking through the process of creating a for...