Phishing scams are a significant problem. An analysis of over 55 million emails revealed that one in every 99 was a phishing attack, and that around 15 billion spam emails are sent every day. Even more worrying is that studies show that 25 per cent of these emails find their way into Office 365, which is one of the most widely used email packages in the world.
What is phishing?
Phishing scams have been around since the start of the internet, and there is no sign of them diminishing. The fact that most are concerned with stealing money means that cybercriminals across the world are reeling in huge profits, all at the expense of innocent people. For this reason, it is vital that you make yourself aware of how to avoid becoming a victim of phishing scams. With this in mind, here are some helpful guidelines to follow to keep yourself safe online.
Awareness is one of the most effective ways to avoid cybercrime. Keeping abreast of the latest phishing techniques is vital if you are to prevent yourself falling prey. Be sure to look out for news stories and reports on new scams. If you are tasked with protecting company data or IT systems, then you should be undertaking cybersecurity awareness training on a regular basis, and taking steps to keep your team informed.
Check the grammar
Email phishing scams often purport to be from familiar sources. That’s how they attempt to gain your trust. Many will use what appears to be official branding to hook you in. But look more closely and, if it’s a bogus email, you’ll likely see typos, misspellings or examples of poor grammar. Similarly, if an email is not addressed to you personally, but rather starts with ‘Dear Customer’ or the like, it is pretty much certain to be a phishing email. In all such cases, delete the email. No official brand will send communications using anything less than perfect English and personalised greetings.
Check the email address
If you receive an email that appears unusual or suspicious, that is asking you to click on a link or provide personal data, check the email address it has come from. Don’t just go by the sender name, because this will be masked. Take a look at the actual address behind the name. More often than not, it will be something abstract that has nothing to do with the organisation that the message is supposedly from.
Never click on links or open attachments
Links that appear in bogus looking emails and files attached to those emails should always be avoided. You can carefully hover over links just to check where they will lead, but most of the time you will find they are set to take you somewhere very different to where you would expect. This is the whole point of phishing emails: to encourage you to click on a link or download an attachment, which will then install malicious software such as ransomware, spyware or a virus on your PC.
Install an anti-phishing toolbar
Many of the more popular internet browsers can be customised with a free anti-phishing toolbar. Some browser extensions are offered by financial institutions free of charge to help keep you safe whilst you go about the likes of internet banking. The tools run quick checks on the sites you are browsing, actively comparing them to lists of known phishing sites. If it is detected that you are on a risky site, you will be alerted.
Check the security of websites
Phishing scams don’t always emanate from emails. Sometimes you may stumble on a website that looks genuine, but is in fact a site that’s specifically been set up to harvest personal data and financial information. Before submitting information on any site, always ensure that the URL begins with ‘https’ rather than just ‘http’, and that there is a closed lock icon alongside the address bar. Check that the site is displaying a security certificate too. Again, as with emails, if the website content is littered with spelling mistakes and poor grammar, it is likely to be bogus.
Keep your browser up to date
Updates are provided for a reason, and many will include security patches which are distributed in response to major detected cybersecurity scams. Never ignore an alert prompting you to update your browser. As soon as you are prompted, follow the instructions to download and install it.
Use firewalls and antivirus software
A firewall acts as a protective layer between your device or your network and a cybercriminal. Ideally you will have a device firewall and a network firewall. Used in combination, they will significantly reduce the risk of a cyberattack by blocking them before they do any damage.
Antivirus software scans incoming emails, files and code. It compares the signatures of this material to the signatures in an extensive database of known viruses and malware, alerting the recipient to any similarities, or isolating or removing the offending file.
It is vital that firewall and antivirus programs are kept up to date on a regular basis so that they remain effective.
How to prevent phishing scams with help from PC Docs
Ensuring your devices and networks are fully protected and your software is completely up to date are just some of the ways in which PC Docs can help protect your organisation from phishing scams.
We offer a comprehensive range of fully tailored cybersecurity solutions. To discover how we can protect your business against the risks of phishing scams and other types of cybercrime, please get in touch.