Phishing emails and other social engineering cyber attacks are seeing an increase in numbers and effectiveness. According to recent reports, nearly one-third of all data in 2018 included phishing activity. Now, heading into 2020, that number is expected to rise and attacks are expected to become harder to spot.
But even with the change in methods and the expectations of more attacks on the horizon, there are still a number of common indicators that point to a phishing attack in progress. Knowing what to look for will help to protect against attacks. Here are some things to look out for.
Nobody’s perfect, and a typo here and there shouldn’t automatically mean that it’s a phishing email. But obvious typos and multiple typos should point you in the direction of caution. If an official email from a bank comes through and it has typos, this should be a giveaway. In addition, awkward language and formatting errors means it’s more than likely fraudulent.
Legitimate companies take time to craft communications to current or prospective customers. Cybercriminals, while smart and cunning, are typically sloppy when it comes to communications.
Businesses do not ask for personal information, especially through email. Items like Social Security numbers and credit cards should never be requested via email, so this should be an automatic red flag.
Offers and Scare Tactics
Emails offering rewards, such as vacations, prizes, cash, and sales on items, should be on high alert. If an offer comes through with a request for personal information and a link to claim a prize, it’s more than likely a phishing email scam. This type of email scam frequently encourages recipients to act right then, pushing them to click on the attachment or link. This is because it’s trying to craft urgency, saying that it’s a limited time offer.
Sometimes, a dead giveaway is a bad or broken link. This can be detected by hovering over a link within the email, showing the link pop up over the text. If it doesn’t match the company’s site name, such as a bank, or if it looks suspicious in some other way, it’s probably a malicious link within a phishing email.
In general, if an email seems suspicious, it’s important to go with your gut and delete it. If you’re not sure, it’s still possible to contact the sender in a separate email to determine if the message is real. Either way, err on the side of caution here in order to avoid most attacks.
Protecting Against Phishing
For businesses, having a company-wide cyber liability insurance program can help to keep assets safe or backed up. While having a high level of cybersecurity protection is key to keep networks safe, it’s even more important to have the right insurance program to make sure the financial and reputational fallout are not excessive. Individuals who become targets of phishing attacks can also purchase cyber liability insurance to keep their information safe against widespread attacks.
Don’t Forget About Social Media Scams
When it comes to clicking a link or sharing something you found on social media, remember: if it looks too good to be true, it probably is. Airlines will not give out a number of free tickets to “anyone who shares this post”. A sure giveaway that you’re looking at a spam account is a period in the name (Walt.Disney World vs Walt Disney World).