Alltech IT Solutions Blog

You Have to Think Before You Click

You Have to Think Before You Click

Phishing attacks are more commonplace than you might think. Whether it’s scamming someone into sending payments to fund who knows what or simply spreading malware or viruses, these phishing attacks are a part of doing business; therefore, it’s important that you take measures to avoid some of the most clever tricks in the book. Let’s examine some of them.

Defining Phishing

Phishing attacks are attacks that come in the form of actual legitimate emails. Cybercriminals try to trick users into handing over important credentials, sharing important information, and downloading malware. Phishing emails are particularly dangerous because they can seem quite real. A phishing attempt for your PayPal information could look just like your everyday PayPal message. To make matters worse, phishing emails instill a sense of urgency in their targets, spurring them to take immediate action to pay an overdue bill or change a stolen password.

How to Spot a Phishing Attack

Even the best of us can be tricked by phishing scams from time to time, and it’s all because they can take so many different forms. Thankfully, there are plenty of ways you can prepare your team to identify phishing scams. Here are some tips to consider:

  • Maintain strong, unique passwords: If your account is ever hacked, then the least you can do is make sure that the password you use for that particular account isn’t used anywhere else.
  • Check the email address in the header: Make sure that emails appearing to come from a particular domain are, in fact, actually coming from that domain. For example, whatshisname from PayPal should have an email address of . However, you need to make sure that emails aren’t coming from a subtle domain like . Of course, you have to be exceptionally careful about any messages asking you to click links or submit sensitive information.
  • Don’t automatically download attachments: Most malware will find its way onto your network through email attachments. If you haven’t specifically requested an attachment, it’s safe to say that you should be more than a little skeptical if you receive one in an inbox. If you have any reason to doubt the authenticity of the attachment, you should take a moment to reach out to the sender in an alternative form of communication and confirm that it works.
  • Look before you click: If the email has a link in it, take a moment to hover your mouse over it before you click. This gives you the true nature of the link. Here are some examples of legitimate and suspicious URLs:
    • Paypal.com - This is safe. That’s PayPal’s domain name.
    • Paypal.com/activatecard - This is safe. It’s just a subpage on PayPal’s site.
    • Business.paypal.com - This is safe. A website can put letters and numbers before a dot in their domain name to lead to a specific area of their site. This is called a subdomain.
    • Business.paypal.com/retail - This is safe. This is a subpage on PayPal’s subdomain.
    • Paypal.com.activecard.net - Uh oh, this is sketchy. Notice the dot after the .com in PayPal’s domain? That means this domain is actually activecard.net, and it has the subdomain paypal.com. They are trying to trick you.
    • Paypal.com.activecardsecure.net/secure - This is still sketchy. The domain name is activecardsecure.net, and like the above example, they are trying to trick you because they made a subdomain called paypal.com. They are just driving you to a subpage that they called secure. This is pretty suspicious.
    • Paypal.com/activatecard.tinyurl.com/retail - This is really tricky! The hacker is using a URL shortening service called TinyURL. Notice how there is a .com later in the URL after PayPal’s domain? That means it’s not PayPal. Tread carefully!

Of course, all organizations handle domains differently, but these rules above should give you an idea of what to look for in illegitimate addresses.

Training your employees to identify these phishing emails will go a long way toward keeping your business secure. Alltech IT Solutions can help you implement solutions designed to limit the threat of phishing attempts and help your employees stay aware of the dangers. To learn more, reach out to us at 954-628-3770.

Intro to Your Tech: Dark Web
Six Critical Small Business Mistakes to Avoid
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, February 27 2020

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Mobile Devices Microsoft Office File Sharing Staff Social Media Google Drive Maintenance Office Threats Freedom of Information Human Resources Efficiency News Troubleshooting Online Shopping Google Employee-Employer Relationship Apps Networking Distribution IT Printer Telecommuting Microsoft Teams Tech Support Scams Spam Blocking Tech Term Antivirus Smartphone Entertainment Business Technology File Management Microsoft BYOD Cloud Technology Chrome OS Small Business Office Tips Laptop Mobility Solid State Drive Business Healthcare Cybercrime Emergency Environment Proactive IT Tip of the week Gmail Project Management Digital Paperless Office Browser Employer Employee Relationship Managed IT Financial Video eCommerce Tip of the Week Information Hackers User Tips Bandwidth Autocorrect Comparison Going Green Apple Cryptocurrency Synergy Outsourced IT Outlook disposal RAM Managed IT Services IaaS Politics Insurance Training Physical Security Spam VoIP Server Virtual Private Network E-Commerce Remote Computing Managed Services Provider Automobile Users Cost Management Alerts Virus Dongle Law Enforcement Blockchain Paste Update Data Backup Computers Compliance Profiles Hard Drives Hacker Telephone System OneNote Passwords Content Filtering Remote Control Medical IT Website Gadget Spotify Work/Life Balance Error Gadgets How To Ink WiFi SaaS DDoS HIPAA Hard Disk Drive Android National Security WannaCry Reporting Virtual Assistant Movies Touchscreen Unified Threat Management Shadow IT Congratulations Email Printing Automation Operating System GDPR Upgrade Data Specifications Bitcoin Company Culture Backup Communication Storage User Tip Phishing Applications Threat Gaming Console Printer Server PowerPoint Customer Relationship Management Windows 10 Safety Dark Web Managed IT Service Websites Managed IT Services Budget Mobile Device Management Time Management Managing Stress Office 365 Innovation Net Neutrality Security Biometrics Paper Processors Software Thank You eWaste Personal Information Communications Eliminating Downtime Data Breach Search Battery Sports Health Employees Data Protection Data Recovery Windows Wireless G Suite Facebook Remote Monitoring Tech Terms Benchmarks Firewall Productivity Mobile Device Electronic Health Records IT Management Instagram instant Messaging Vulnerability Holiday Updates IT budget Word The Internet of Things BDR Payment Hybrid Cloud Network Attached Storage Windows Server 2008 R2 Quick Tips Value Voice over IP Mobile Security Saving Money Workplace Tips Authentication Trends Router Two-factor Authentication Network Security Hardware Education App Windows XP Printers Staffing e-waste Backup and Disaster Recovery Data loss Downloads Sales WhatsApp Technology Tips Ransomware Amazon Knowledge Email Management Computer Care Tactics Mobile Office Business Management Customer Service Data Management VPN Disaster Recovery Travel Employer-Employee Relationship Connectivity Cables Network Managed Service Provider Samsung Social Network Spyware Excel Humor Dark Data Malware Video Games Machine Learning Telecommute Regulation Inventory Remote Monitoring and Management Money Display Virtualization Unified Communications Windows 7 Emoji Smartphones Certification Worker Scheduling Webcam Payment Cards Cortana Help Desk Multi-Factor Authentication Hard Drive Twitter Files Authorization Wi-Fi Information Technology Access Control IT Services Yahoo Voice over Internet Protocol Computer Save Money Marketing Password Hosted Solutions Settings Productivity A.I. Security Cameras Analysis Cleaning IT Support Telephony Scalability Wireless Internet Hacking Artificial Intelligence Phone System Fleet Management Taskbar Live Streaming IT Support Database VoIp Chrome Retail Profitability Internet Google Maps Analytics Microsoft Office 365 Business Computing Hosted Solution Government Vendor Management Telephone Systems Internet of Things Avoiding Downtime HP Access Alert Document Management Recovery HaaS Copy Bring Your Own Device Mobile CrashOverride Hosted Desktop Encryption Vendor Multi-Factor Security Plug-In Tablet Co-Managed IT Wireless Charging Lead Generation Scam Millennials Workers Windows 10 Remote Support Collaboration Holidays Licensing Hiring/Firing Vulnerabilities Recycling Processor iPhone Privacy Conferencing Credit Cards Streaming Media Wearables Best Practices Internet Explorer Batteries SSD Current Events Managed Service Miscellaneous Cabling User Security Data Security Leadership Cybersecurity Botnet Cloud Computing Smart Technology Risk Management Patch Management Business Intelligence Shortcut Business Continuity Memes Television Edge Server Management Big Data