Phishing may be the number one offender when it comes to cybercrimes, Every day thousands of people fall for it. According to the Verizon 2021 Data Breach Investigation Report over 90% of incidents that end in a data breach start with a phishing email. Organizations use various ways to teach employees how to recognize phishing emails. From long winded seminars or lectures to short and entertaining security awareness videos. The problem is that no two phishing emails are the same. You can’t teach all the methods because as soon as you do, hackers find a new way to trick people.
AwareGO has several training videos for phishing. We even have a ready-made training program that teaches phishing awareness. In addition it also teaches some of the ways hackers try to trick people through phishing. It’s tricky to try and tell all in one short awareness video. That’s why we’ve created a new super short, hands-on training video. Our new video goes over the main points of how to recognize phishing emails.
8 tips to recognize and avoid falling for phishing emails
- Check the sender’s address.
At first glance it may look legit. But upon further inspection there may be a typo or even a completely different domain behind it.
- Hover over links.
URLs can be linked to words such as “click here” or text that looks like a genuine URL. However, the link behind can be an entirely different URL. It doesn’t matter how links are presented in an email. If you hover over them you can see if the URL behind them is taking you to a legit website.
- Be careful about opening attachments in emails.
Even if the sender’s address is legit there is still a chance that their email account has been hacked. That means it could be used to send out infected attachments. Only open attachment if you were expecting them. If in doubt, contact that person by other means and ask about the attachment.
- Take a closer look at the lingo.
Urgency and threats are a tell-tale sign that you are dealing with a phishing email. Would your workplace send out an email like that? Would any legitimate service (your bank, online shop or phone company) send you an email like that?
- Look at the greeting and sign off.
Phishing emails often start and end with a generic sign off. That’s because the hackers don’t usually know your name. Or, if they are trying to impersonate someone from your office, the name of your co-workers.
- Don’t type in your credentials after clicking a link.
If you click a link in a phishing email, chances are you will be sent to a faked or hacked website. This website may ask you to sign into your account. If you do you will give hackers access to your credentials and a way into your accounts. Instead of clicking a link, type in the known URL for that service.
- Don’t download software after clicking a link.
The spoofed website you land on may ask you to download software to remedy a situation or finish a task. This software will be infected with malware or spyware and can cause serious harm to you and your workplace.
- Remember that phishing can also be done without email.
Hackers use text messages and telephone calls to try and trick you to give up sensitive information.
Too long – Didn’t read?
Don’t like reading? You can check out our brand new “Think before you click” video to learn how to recognize phishing emails. We’re on a mission to make the world a more cybersecure place. That’s why you should feel free to share this video with anyone you know that may benefit from this information.
Sign up for free to try out our security awareness content and software. No credit card or commitment needed.