In our world today, we use email for a majority of our work communication. Many people work in a fast paced, continually “go, go, go” environment and receive countless emails on a day to day basis. With so many important emails many people like to flush out the quick tasks and remove as much as possible from their inbox. According to Forbes, nearly 50% of email replies are sent within an hour. This means that many people respond quickly and move on to the next email, but is it possible that this quick response time has allowed for scammers to get exactly what they want? Phishing scams are becoming increasingly more common and it’s important to be aware of the signs.
What is a Phishing Scam?
Phishing scams are typically email communications that appear to be inquiries from colleagues or other authentic companies you work with. The scammers rely on the inherent trust that has been built within a company, so the receiver responds to the inquiry, making these emails increasingly more difficult to identify.
What these Scammers want…
_Steal money and send directly to cybercriminals _Details to access your bank account
_Intercept and steal online payments _Install malware on your computer
_Access email accounts, online payment & apps _Personal information to hold for ransom
What to look for…
- Double Check Sender
Check to see if the sender of the email is legitimate. Not just the display name, but the email address itself. The email could be from a random email address, or look like a company email with missing or jumbled letters.
- Grammar and Phrasing Errors
Notice grammar and style errors. Don’t merely skim your emails. Read them carefully.
- Random Links / Domain Names/ Attachments
Do not immediately click on unexpected links or attachments. Hover over (DO NOT click) the link to view Alt Text. If the text looks bizarre, doesn’t match what the link description says, or ends in something other than a traditional .com, .net or .org, be cautious.
- Beware of urgency
In many industries, it can be difficult to identify the urgency of some inquires. Schedules change and metaphorical fires need to be put out; however, “emergency” or “urgent” emails need to be read with extra caution.
- Contests/ Prizes/ Discounts/ Notices
Do not open an email if it states that you’ve won a contest or prize, you will receive a discount if you click a link, or if you are threatened that your personal information needs to be updated with immediate action. These tactics evoke curiosity, urgency or even panic in the reader, but will result in a scam. If you think that an “immediate action required” email is legitimate, do not use links within the email but rather visit the website for the company that is inquiring. (ie. “Update Your Bank Information” – Log onto your bank’s website and DO NOT click on links within the email.)
- Don’t Fall for Images and Logos
Brand logos and trademarks are no guarantee that an email is real. Even anti-virus badges can be inserted into emails to persuade victims into thinking there is no real threat. None of these add any actual legitimacy to an email.
- Strange Signatures or Salutations
If the address is general or vague, such as “valued customer” or “employee” or if the signature is missing, odd or unusually formatted, be cautious.
- Asking for Personal Information or Money
DO NOT ever send information regarding SSN, Bank Account Information, or personal addresses via email.
If you are asked to send money to someone via email, especially regarding a weird payment type, be aware.
i.e Bitcoin, Gift Cards, Wire Transfers
When In Doubt, CALL
If you are uncertain of an inquiry from a colleague or business partner, especially related to a payment or sharing personal information, CALL them to confirm.