Awareness and Protection Against Phishing Emails
Phishing is a common type of social engineering attack. A social engineering attack uses impersonation or manipulation of a situation to the trust of the victim to perform a specific action.
Within the IT space, social engineering attacks are common as criminals want to gain access to systems or information held within them. With deception or fear, the people operating the computer are susceptible to the attack.
Email is one of the most common platforms for this type of attack due to its versatility and its tight integration into people’s personal and business lives.
Attackers will send emails, which have been designed to look legitimate, asking recipients to perform an action such as open infected attachments or visit an infected website.
How to Spot a Phishing Email
Learning the common signs of attempted phishing emails is the best way to prevent yourself from attack. These are the things to look out for:
- The Sender’s Email address: If the email address looks suspicious, it probably is.
Cyber Attackers will often create slight variations of legitimate email addresses or attempt to mimic an organisation’s official email address to appear authentic.
- Poor Spelling and Grammar: Commonly, a Phishing email will contain noticeable spelling and grammar errors or awkward and confusing phrasing. This can be for a variety of reasons, however, many Cyber Attackers want to distinguish the most susceptible individuals and those who do not notice are likely to be easier to catch again.
- Urgent and threatening language: Recipients can be manipulated by urgency and threatening language to comply. Severe consequences are indicated for non-compliance.
- Suspicious Links: Links to unexpected sources or illegitimate links are common within Phishing emails. Hover over links to see the destination before clicking them.
- Unusual or Unexpected Requests: Deception is a key tool of Phishing attacks. Deceiving recipients with requests that deviate from normal behaviour can be a useful tool when used in combination with urgency.
Stay Cyber Safe
As phishing emails continue to be a threat in 2023 and beyond, the importance of identifying the signs of an attack can be vital to protecting your organisation.
Contact us to learn how we can help educate your team with training and simulated attacks through our Cyber Wise programs.