k_Street Consulting, LLC Blog
Tip of the Week: 3 Signs of a Phishing Attempt
Social engineering is a very important component of many modern cyberattacks, as the popularity of phishing scams goes to show. Protecting yourself from phishing scams will require you to be able to identify them. For today’s tip, we’ll go over a few warning signs that someone may be trying to phish you through your email.
1. There’s an Unexpected Attachment or Link
It’s one thing to get an unexpected email from someone, it’s completely another thing entirely to get an email from someone that includes an unexpected attachment or link. Neither of these is a good thing. Attachments can easily contain hidden malware files, and links can be disguised with very little effort.
Don’t believe me? Try visiting google.com. Go ahead!
Not exactly what you were expecting, eh? Keep in mind that you can double-check links by hovering your cursor over them, and if you weren’t anticipating an attachment, don’t click it unless you have confirmed its legitimacy through some other means.
2. The Sender’s Email Seems Off
It isn’t uncommon for scammers to disguise a fraudulent email address by making it look at lot like a legitimate one would. For instance, let’s say that you normally worked with a business vendor, hypothetically named “Super Business Supplies.” A scammer might send you an email from “sales (at) superbusinessupplies.com.” Looks pretty okay, until you notice that there’s one fewer ‘s’ than there should be. Scammers can get downright devious with these replacements, replacing “Amazon” with “Arnazon” and other blink-and-you’ll-miss-it tricks.
In short, read carefully.
3. There are Other Questionable Elements
While that may be a very vague tip, it is only because there is such a wide variety of warning signs that an email is actually a phishing attempt. For instance:
- Spelling and grammar errors. Look at it this way: would you anticipate a company like Microsoft, or Google, or the likes of such to send you an email riddled with mistakes? Of course not, so if you receive an email that purports to be from a company of high repute, but features these kinds of errors, red flags should be going up.
- Time-sensitivity. One of a scammer’s go-to tools is to put their target off-balance, especially by pressuring them into immediate action. If you receive an email that offers you a great deal by acting right now, or threatens to shut down your account unless you act right now, the first thing you should do is pick up the phone and call up the organization or individual that sent the email.
- Requests for personal information. Similarly to any messages that rely on cultivating a sense of urgency, you need to look at any emails that request personally identifiable information, access or financial credentials - really, any data that you and your company rely on - with a critical eye. This is another case where calling to confirm is probably your best bet.
Email can be an extremely helpful business tool, but it can also be an equally useful tool for cybercriminals looking to victimize your business. k_Street Consulting, LLC can help you secure it, with best practices and practical solutions to lock it down. To learn more, reach out to us at (202) 640-2737.