What is Email Phishing?
Many people and businesses have experienced receiving emails and text messages from what appear to be legitimate companies that want to enhance your service, keep your account active or offer a convenience that you might be interested in. But most companies do not operate in this way, so if you click on the links within these messages, you open yourself up to hacking.
These emails and other online messages can be cunningly disguised as legitimate, but once you click that link and follow along, you are giving scam artists access to your information, your accounts, and even your systems.
How Email Phishing Works
There are actually many types of phishing attacks that everyone should be vigilant about, including:
- Malware- Installs a program onto your device to track your activity
- Spear Phishing- Highly targeted and is usually focused on a single high-profile individual within a company
- Smishing- A test that is disguised as a promotion, account update, or political message
- Pharming- Referred to as DNS Poisoning, this is designed to steal information by creating a spoofed webpage to gather valuable details about a company or its clients
- Clone Phishing- Sends a malicious link that if opened, spreads to all your contacts
- Business Email Compromise (BEC)- Appears as an email from someone within the company requesting urgent action, usually to send money or purchase something
- And there are several more, with criminals developing innovative new ways to try to steal and access your information
But here, we will focus on email phishing, which is extremely common among businesses and private individuals. Because all types of phishing rely on a sense of urgency and most people simply scanning a message quickly rather than reading it thoroughly, even the savviest of individuals can fall prey to the scam given the right circumstances.
How to Avoid Email Phishing Scams
There are two things you can do to help you stay ahead of these scam attacks:
- Never click the link- You are going to receive emails from an unrecognizable source, these are easier to spot, and they may often end up in your spam folder anyway. You may also receive emails from those you recognize but the messaging might not be what you expect. In either case, do not click the link enclosed. Instead, use your own links to navigate safely to the legitimate webpage you intend to visit.
- Add a browser filter extension- You can add an extension to your browser that helps to assess websites for legitimacy so you can avoid the malicious sites altogether. These extensions can recognize known scam sites and those that are suspect, offering you a warning before proceeding.
If you believe you have been the victim of an email phishing attack, change all passwords and make sure every gateway you use has a unique password.
To be certain, Longhurst Consulting can help your business defend against email phishing, or phishing of any kind, to keep your data, along with your company and your clients safe.
Longhurst Consulting is focused on providing reliable and secure IT solutions with the best value for our clients. For more information contact us at (403)483-8699 or email mitz@Longhurstconsulting.com.