Alltech IT Solutions Blog

You Have to Think Before You Click

You Have to Think Before You Click

Phishing attacks are more commonplace than you might think. Whether it’s scamming someone into sending payments to fund who knows what or simply spreading malware or viruses, these phishing attacks are a part of doing business; therefore, it’s important that you take measures to avoid some of the most clever tricks in the book. Let’s examine some of them.

Defining Phishing

Phishing attacks are attacks that come in the form of actual legitimate emails. Cybercriminals try to trick users into handing over important credentials, sharing important information, and downloading malware. Phishing emails are particularly dangerous because they can seem quite real. A phishing attempt for your PayPal information could look just like your everyday PayPal message. To make matters worse, phishing emails instill a sense of urgency in their targets, spurring them to take immediate action to pay an overdue bill or change a stolen password.

How to Spot a Phishing Attack

Even the best of us can be tricked by phishing scams from time to time, and it’s all because they can take so many different forms. Thankfully, there are plenty of ways you can prepare your team to identify phishing scams. Here are some tips to consider:

  • Maintain strong, unique passwords: If your account is ever hacked, then the least you can do is make sure that the password you use for that particular account isn’t used anywhere else.
  • Check the email address in the header: Make sure that emails appearing to come from a particular domain are, in fact, actually coming from that domain. For example, whatshisname from PayPal should have an email address of . However, you need to make sure that emails aren’t coming from a subtle domain like . Of course, you have to be exceptionally careful about any messages asking you to click links or submit sensitive information.
  • Don’t automatically download attachments: Most malware will find its way onto your network through email attachments. If you haven’t specifically requested an attachment, it’s safe to say that you should be more than a little skeptical if you receive one in an inbox. If you have any reason to doubt the authenticity of the attachment, you should take a moment to reach out to the sender in an alternative form of communication and confirm that it works.
  • Look before you click: If the email has a link in it, take a moment to hover your mouse over it before you click. This gives you the true nature of the link. Here are some examples of legitimate and suspicious URLs:
    • Paypal.com - This is safe. That’s PayPal’s domain name.
    • Paypal.com/activatecard - This is safe. It’s just a subpage on PayPal’s site.
    • Business.paypal.com - This is safe. A website can put letters and numbers before a dot in their domain name to lead to a specific area of their site. This is called a subdomain.
    • Business.paypal.com/retail - This is safe. This is a subpage on PayPal’s subdomain.
    • Paypal.com.activecard.net - Uh oh, this is sketchy. Notice the dot after the .com in PayPal’s domain? That means this domain is actually activecard.net, and it has the subdomain paypal.com. They are trying to trick you.
    • Paypal.com.activecardsecure.net/secure - This is still sketchy. The domain name is activecardsecure.net, and like the above example, they are trying to trick you because they made a subdomain called paypal.com. They are just driving you to a subpage that they called secure. This is pretty suspicious.
    • Paypal.com/activatecard.tinyurl.com/retail - This is really tricky! The hacker is using a URL shortening service called TinyURL. Notice how there is a .com later in the URL after PayPal’s domain? That means it’s not PayPal. Tread carefully!

Of course, all organizations handle domains differently, but these rules above should give you an idea of what to look for in illegitimate addresses.

Training your employees to identify these phishing emails will go a long way toward keeping your business secure. Alltech IT Solutions can help you implement solutions designed to limit the threat of phishing attempts and help your employees stay aware of the dangers. To learn more, reach out to us at 954-628-3770.

Intro to Your Tech: Dark Web
Six Critical Small Business Mistakes to Avoid
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, September 22 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Wearables Small Business disposal Alert Emoji Access Gmail HaaS Spyware Scalability Paperless Office Virus BDR Data Recovery Windows 10 Net Neutrality Storage Troubleshooting News Sports RAM Communications Education Certification Remote Control Windows XP Telephone System Environment Retail Email Telecommuting Managed Service Live Streaming Website Taskbar Eliminating Downtime Phishing Proactive IT Mobility Movies Hardware Data Protection Cables Mobile Device Management Managed IT Services Sales Internet Explorer Vendor Management Gadget Freedom of Information Electronic Health Records Regulation DDoS Personal Information Efficiency Human Resources Risk Management Windows 10 Users Bitcoin Printing Shortcut Amazon User Tips Excel Employer Employee Relationship Remote Monitoring Dongle Data Management Browser Analysis Health Customer Service Hosted Solution SaaS Staff Twitter Hard Disk Drive Smart Technology Avoiding Downtime Gadgets Search IT Services Windows Lead Generation Marketing Battery Touchscreen Office Biometrics Windows Server 2008 R2 Leadership IT Support Artificial Intelligence Innovation Authorization Threats Current Events Travel Recovery Saving Money Video Games Vulnerabilities Thank You Networking Windows 7 Password Technology Tips Big Data Work/Life Balance Phone System Telephone Systems Benchmarks Backup and Disaster Recovery Cloud Security Mobile Devices Money Emergency Samsung Authentication Printer Budget Reporting Congratulations Router eCommerce Outsourced IT Tip of the Week Help Desk Workplace Tips Chrome Android Tech Support iPhone Hackers Malware Spam OneNote Computers Edge Mobile Security Operating System How To App Hacking Tech Terms Trends Access Control Paper Data Security Update Microsoft Office 365 Internet of Things Payment Dark Data Instagram User Tip Specifications Payment Cards Telecommute Mobile Device National Security IT Support Content Filtering Printer Server Communication Employees Plug-In Managed IT Processors Machine Learning Solid State Drive Remote Support Data loss Information HP Cybersecurity Threat Streaming Media Law Enforcement Physical Security Encryption Miscellaneous Laptop VoIp Voice over Internet Protocol Security Cameras Network Remote Monitoring and Management Company Culture Social Media Microsoft Office Technology Ink Webcam SSD Computer Care Spotify G Suite Google Maps Comparison Downloads Backup Financial Apple Batteries Entertainment Microsoft Teams Save Money Outlook Antivirus VPN Botnet Millennials Voice over IP Privacy Cortana File Sharing Alerts Value Display Hard Drives Business Employer-Employee Relationship Document Management Printers Information Technology Training Scheduling Hosted Solutions Two-factor Authentication Spam Blocking Holiday Business Continuity Automobile Autocorrect Telephony Unified Communications Apps Yahoo Knowledge Virtualization Unified Threat Management Collaboration Hiring/Firing Synergy Medical IT Blockchain Time Management Software Conferencing IaaS Managing Stress Data Automation WiFi A.I. Staffing e-waste Cleaning Cybercrime Video Smartphone CrashOverride Digital Internet Wireless Charging Government Tablet VoIP Cabling Google Drive Productivity Facebook Microsoft Passwords Television Hybrid Cloud Office Tips Server Online Shopping Project Management Managed IT Services WhatsApp Data Breach Ransomware Workers Upgrade Error Compliance Multi-Factor Security Disaster Recovery Bring Your Own Device Business Computing Employee-Employer Relationship Computer Copy Word Paste Safety Quick Tips Updates BYOD Smartphones Processor Server Management Vulnerability Tech Term Credit Cards Analytics Hacker Business Intelligence IT budget Scam Data Backup Tactics Tip of the week Network Attached Storage Wi-Fi User Security Bandwidth Licensing Going Green Email Management WannaCry Healthcare Scams Cloud Computing Virtual Assistant Hard Drive E-Commerce Applications instant Messaging Websites Dark Web Connectivity Politics Business Technology The Internet of Things eWaste Database Google Settings Managed Service Provider Recycling Worker Best Practices HIPAA Wireless Gaming Console Productivity Inventory GDPR Profitability Network Security Wireless Internet Chrome OS Cryptocurrency Business Management IT Management Managed IT Service Files Office 365 Patch Management Cost Management Maintenance Remote Computing PowerPoint