What is Phishing?
Phishing is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. Generally, emails sent as phishing attempts are masked so they appear to be sent by the business, person, or institution who is known by the recipient.
Here are 6 common items that help identify a phishing attempt:
- Is the message sent from a public email domain, such as Gmail?
- Check the email address. Does the email address match the email address of the sender? Example: Bob – Bob@exxon.com, but shows Bob – email@example.com.
- The email domain name is misspelled. (exxon.com is Exxan.com)
- The body of the email is poorly written with misspellings, bad grammar, or poor word choice. (However, be careful, the cybercriminal’s grammar is improving)
- The message includes attachments or links that are suspicious. The link says it goes to one place but when you hover over it is shows another URL.
- The message creates a sense of urgency, such as please change your password or look at this document ASAP.
If you ever have a question about an email and if it is legitimate, you have options: contact the sender via telephone and confirm or ask Abtech and we will provide an expert opinion. And please remember that as a client of Abtech, you have access to resources to mitigate Phishing and Ransomware attacks. Here are a few examples. Your company may already be utilizing some or all of these:
- Endpoint Security Software such as ESET or Capture Client
- Email Security and Spam Filer – Abtech Recommends Proofpoint Essentials
- KnowBe4 Security Awareness testing and training
- Datto Ransomware Protection
- Cyberhawk Internal Threat Detection
- Internal Vulnerability scans and mitigation
- Cloud backup and disaster recovery (Stortrust)
Abtech offers a range of services aimed at protecting you and your users from cyber attacks.