Multi-Factor Authentication ("MFA") is an authentication method that requires the user to provide two or…
What is phishing?
Phishing is when cybercriminals attempt to trick individuals into providing sensitive or personal information, usually via email. This information can include usernames, passwords, credit or debit card numbers, and so on. While it can sometimes look convincing at a glance, there are several ways you can detect a phishing attempt and protect yourself from becoming a victim.
What does phishing look like?
Phishing comes in many forms, but some of the scenarios you can expect to see in a phishing email include:
- Report of unusual activity on one of your accounts
- Prompt for a password reset
- Request for payment
- Message from HR
- Job posting, offer, promotion, etc.
- Invitation to a shared document, link, folder, etc.
- Package delivery update
- Giveaway announcement or alert
What are the risks of phishing?
Phishing carries several risks if not handled properly. If a cybercriminal is successful in obtaining information from you, it could result in serious consequences for you or your organization, such as financial losses, reputational damage, identity theft, data loss, and malware infections.
What are the warning signs of phishing?
Phishing comes in many forms, but some of the scenarios you can expect to see in a phishing email include:
- Fake sender address domain
- Unfamiliar names
- Strange or inaccurate greeting
- A sense of urgency
- Use of emojis (especially in the subject line)
- Suspicious-looking attachments
- Unexpected invoices / purchase information
- Bad grammar or punctuation
- Poor formatting
- Low resolution images
- Threatening language or warnings
- Reward promises
How can you stay protected from phishing?
If you see an email you can identify as phishing, mark it as junk or spam right away. Do not forward it to anyone, as it may contain malicious attachments that could easily spread to other computers or devices this way. If you have a suspicion but are not entirely sure whether an email is a phishing attempt, the most you can safely do to get another opinion on it is to take a screenshot or describe it.
To stay protected from phishing before and during an attempt, follow these best practices:
- Recognize the warning signs
- Don’t open attachments or links from unknown senders
- Hover to reveal full links and review them before clicking
- Use Multi-Factor Authentication
- Use a strong password and change it regularly
- Keep antivirus software installed and up to date
- Warn about (but don’t send) others suspicious emails
- When in doubt? Throw it out.
Related Posts
