While there are technological tools that can help protect against phishing attacks, the best defense is a cyber security aware workforce. Here are some things to teach your team to look out for.
- Sender name and email – are you expecting the email? Is the email address correct? Is it from a known or trusted domain? Make sure it is not from a fake domain made to look real. For example, if it is supposed to be from “person@BankOfAmerica.com”, it will try to fool you by replacing the “O” with “0” (zero)…”person@Bank0fAmerica.com”.
- Attachments – Never open unknown or compressed attachments
- Address to – Is the email impersonal or does it sound like it’s someone that doesn’t know you?
- Grammar – While we all make mistaks J a lot of grammatical errors or strange misspellings are a clue that something is not right
- Threats or scare tactics – Does the sender make urgent requests or threats that are meant to make you react quickly?
- Links – never open a link simply by clinking on it. Hover over it to be sure it links to the correct page. To be extra safe, type in the destination link yourself.