IN THE NEWS
Better Data Security: Don’t Be Tricked By A Phishing Email
Every day we get hundreds of emails. Every day, we are pressed for time to get our work done. Every day, we open emails with attachments, sometimes without even thinking. For many, it is simply now a reflex. But, we must be vigilant and cautious of what messages we read. There are hackers and cyber thieves we need to be on guard for.
Hackers and other criminals are getting better at trying to gain access to our private information through the use of Phishing email. Phishing is an email that appears to be from a legitimate company asking you to provide sensitive information. This is usually done by a link in an email message that will take you to the company’s website to fill in your information. But, the “company’s website” is actually an image of the real website and actually sits on the Criminal’s server.
Phishing is a spin on the word, fishing, because criminals are dangling a fake lure (fish) hoping that the people opening the email will take the bait. Some of the information that criminals have requested includes credit card numbers, account numbers, passwords, user names, bank account information and more.
So, what can you do to avoid being tricked? Watch for clues that the message is actually a scam. The image below is for an email received on 10/3/18 from Bank of America. Note the items marked with the red arrows.
- The email is not addressed to the recipient, but rather to “Customer”, “Recipients” or something that is not your name.
- The sender’s email address does not match with the name of the sender.
- The message could start with “Dear Customer” as opposed to your name.
- The web link to click on does not look like the sender.
Often times, a message with an attachment can appear real, but the attachment carries a virus. In this example:
- The sender and the information in the header looks very authentic. Hard to tell if this is legitimate or not.
- However, look at the first sentence. Note the misspelled word “shred” – it should have been “shared”.
- Look at the end of the line. Does the word “inquiries” seem out of place? Perhaps the word should have been “questions”.
- Note the sentences are very abbreviated and do not provide any additional information. If this had been a real email, there would have been more information from the sender.
- Note the cell phone number. There’s one too many digits in the phone number.
So, keep these recommendations handy, as a reminder:
- Don’t click on any unknown attachments.
- Read the messages slowly and look for misspelled words.
- Check the sender’s email address carefully.
- Hover over any URL links to make sure they are valid, but don’t click on them.
- Contact your trusted IT Vendor to implement updated email security.
- Be proactive and watch what you open and click on.
Reach out to your trusted IT Professional for assistance with email support and management. Being proactive to protect you and your business against possible security breaches, cyber-attacks, and computer infections starts with having a good password management program. Your IT Professional can provide Security Software, physical firewalls, Vulnerability Assessments, and other Managed Cybersecurity solutions to provide the proper protection for your business. This is the benefit of working with an IT Professional.
Founded in 2003, ELIJAH is a multi-award-winning leader in providing expert digital forensic, data security solutions, and managed IT. ELIJAH is owned and managed by former litigation partners and is an efficient boutique digital forensic, cybersecurity and IT solutions provider that makes clients’ lives easier through effective communication and white glove service. For additional information, please visit https://www.elijaht.com or call 866-354-5240.
Elite Networking and Consulting is now part of ELIJAH. ELIJAH looks forward to continuing to deliver managed IT services with the same degree of care and high standards created by Elite. ELIJAH is also pleased to broaden our scope of expertise in providing digital forensic, cybersecurity and IT solutions.