Have you been the victim of online scammers and cybercriminals? Cybercrime is a big deal in the age of mass internet use, and people are always coming up with new and unique ways to scam their victims out of money and information.
But how do they do it? There are plenty of popular scamming methods. One of the most common ones that an unfortunate number of people fall for is phishing. Are you familiar with it? Have you encountered it yourself?
We want to help you learn about phishing and the signs of a phishing email so you can protect yourself, your business, your employees, and your customers from dangerous criminals. Keep reading for everything that you need to know.
Phishing emails are an attempt by cybercriminals to get sensitive information from the recipient through fraudulent means. Some phishing emails also include links to malware, though this isn't always the case. It's one of the easiest scams that a criminal can do. While phishing is usually in email form, some scammers have moved on to phone scams.
Phishing emails can target individuals or businesses. A business targeted by phishing emails can have its personal information, employee information, and customer information infiltrated.
Often when there's an information breach, customers are no longer interested in trusting that business. This is one of the reasons that protecting your business against phishing is so important. But how do you know when you're being phished?
A phishing email wants your attention immediately. Phishers want to make you open the email before you realize that it's a scam. They want to convey a sense of urgency.
Sometimes they'll include your name. Others, they'll have something intriguing or some "must-know" information that they promise to include inside. Sometimes they'll promise free items or a prize in the first sentence!
This is to lure unsuspecting people to whatever link or request that they have inside. It's best to ignore the hook and keep in mind that if they want your attention that badly, there's probably a reason.
So you get an email from "Netflix". This email mentions that there's some kind of problem with your account. This seems normal, right?
It might be, but if you read on and "Netflix" asks for your personal information in a response email, it's illegitimate.
Good companies with online platforms always say something along the lines of "we will never ask for your personal information". They know that it's easy for someone to be scammed and they don't need their employees to have that kind of access. When in doubt, call or visit the website to talk to someone.
Have you gotten an email that you didn't expect with some sort of file attached? This is a red flag. If you weren't anticipating an email from that person with a file, don't click it.
This is true whether the email is definitely from the right email account, if it's from a known Facebook page, or if the email account is unknown to you. There are websites available that can help you determine if a link is safe, but files should be ignored. If you're worried that it's important, email or message the person or company through the email address you're familiar with.
One of the telltale signs of a phishing email is the plethora of typos that are almost sure to be inside.
There are several reasons for this. People who write these emails often aren't from countries that speak the language of the people they're targeting. You'll often notice this with scam callers.
Another reason is that they want to target people who are easier to fool. Because errors are so obvious, people who aren't paying enough attention to notice them may not pay attention to the other obvious red flags.
In other words, they want gullible victims.
When you get an email, pay attention to the email address. Does it look like something that a legitimate business would use?
There are some email addresses you should always be wary of. Protonmail and Gmail are easy for scammers to use as they're easy to sign up for. Anyone can also make an email address domain.
Businesses (especially large businesses) often have a specific email address format that may include their company as the domain. If the email address doesn't look right, email the business from their verified contact page to make sure. Don't respond to the email.
Similarly, if you get a link that looks to be from the right website, pay attention. Sometimes scammers will hide extra letters or use a different type of domain in their fake website URLs.
This can be tricky. The URL will look like it's from the right business, but the actual website is wrong.
So what do you do to avoid phishing scams?
The best way to stop yourself and your employees from getting tricked by phishing emails are to use proper online safety training. If employees know what to look for, they're less likely to fall for obvious scams.
To avoid more harm after the scam has already been fallen for, it's a good idea to have solid IT services and security to minimize damage.