Abstract
Phishing is a word that has a couple of different meanings, depending on the spelling and context. Fishing, like the act of sitting down with a pole and trying to catch a fish, can be a relaxing, leisurely activity. Phishing, with a “ph,” is anything but that, and it can be a tiring and scary situation to navigate—particularly if you or one of your employees have fallen victim to an attack.
Let’s go over some of the ways you can train your team to identify phishing attacks and how they can react to them.
Unsolicited = Suspicious, Most of the Time
Sometimes you’ll receive messages about confirming special offers or performing specific tasks. These emails might urge you to take immediate action, often by clicking a link or downloading an attachment. Hackers will use these methods to convince users to download infected files and hijack their systems in the process. If it looks suspicious, like you see uncharacteristically misspelled words, poor grammar, or clear and convincing evidence of fraud, then you should report the email to IT to flag it as dangerous.
Don’t Trust the Sender? Don’t Trust The Links, Either
Phishing links are one of the oldest tricks out there, and clicking one is so easy that it is almost effortless. The user might receive a phishing link in an email or text message, along with a reason to click the link—usually not a very good or convincing one. Still, someone who is not paying attention can very easily make the mistake of clicking on it, resulting in a data breach.
Sometimes links will even look legitimate, too, through the use of letters and numbers that look similar to others. A good example is a 1 instead of an “I” in a URL.
Confirm Identities When in Doubt
Phishing attacks often come through a specific vector, meaning that if the message comes from an email, you have options to confirm the identity of the sender. For example, you might see that it has come from someone internally, prompting you to check in with the supposed sender by phone or in person. There are always options to check the authenticity of a sender, and when in doubt, a little caution is better than not enough.
If you want to ensure that your organization stays ahead of phishing attacks and security issues in general, NetMGM has great tools to help you protect your business. To learn more, call us today at 888-748-2525.
ABOUT THE AUTHOR
Rafiq Masri
With over 25 years of experience in Information Technology, Rafiq is one of the most accomplished, versatile and certified engineer in the field. He has spent the past 2 ½ decades administering and supporting a wide range of clients and has helped position Network Management, Inc. as a leader in the IT Managed Services space.
Rafiq has built a reputation for designing, building and supporting top notch IT infrastructures to match the business objectives and goals of his clients.
Embracing the core values of integrity, innovation, and reliability, Rafiq has a very loyal client base with some customer relationships dating back 20+ years.
Rafiq holds a bachelor’s degree in Mechanical Engineering from the University of Michigan and has completed graduate programs in Software Engineering and Business at Harvard and George Mason University. Rafiq is a former founder and CEO of Automation, Inc. in Ann Arbor, Michigan as well as a valued speaker on entrepreneurship and technology at industry events such as ExpoTech and others.