You’ve heard of phishing scams: an email appears in our inbox, apparently from a Nigerian prince who needs a cash advance to free up their own finances, and is willing to reward you with riches galore. However, this is just one example of a phishing scam. In order to protect your business, you need to be ready for all phishing scams, whatever they look like.
Tip 1: Take Phishing Scams Seriously
Despite the relatively simple approach they take, phishing emails are credited with causing many of the larger breaches that have occurred recently, and have successfully scammed people for years. In essence, a phishing scam convinces the target to click a link that either downloads malware onto their device or takes them to a fraudulent page that steals their personal information.
Tip 2: Phishing Scams are Difficult to Spot
While many phishing attempts are about as convincing as the fictional Nigerian prince story, many are much harder to spot. This is why you should always review your email with a critical eye, even when all seems to be fine. Do you know the person who just emailed you? Did you expect an email from that person? Are there attachments and links in the message? While these factors might mean nothing, it’s a “best practice” to review them.
You should also be critical of the tone of the message. Despite the urge to comply that many people are raised with, an urgent message that demands swift action shouldn’t be accepted at face value without some more digging.
Your criticism shouldn’t stop there, either. Even if you know the sender, don’t assume that they were actually the one to send it. If the content of the email doesn’t match how you know that person speaks, be extra cautious, especially so if the message includes some request of you. When in doubt, don’t hesitate to contact the supposed sender through other means as possible and confirm that they did send the message. A quick phone call could save you a lot of hassle. Better yet, delete it. If it’s a legitimate request chances are strong they’ll contact you again.
Tip 3: Plan Ahead for When All Else Fails
Finally, you need to prepare for the worst: falling for a scam. Nobody’s perfect, and the bad guys are getting better at this. The more people who are in your organization, the more likely it becomes that someone takes the bait. Using a tool like two-factor authentication and maintaining a backup can help you minimize the risks of this occurring, and help you mitigate damage if it does.
Backups and disaster recovery (BDR) can prevent serious headaches – and serious losses of revenue and productivity. Inevitably, one of these scammers will strike. How prepared are you? How protected is your network and data?
What’s your plan?
Clients turn to The Walker Group when they need help developing Internet policies, security awareness training for employees, a multi-layered security plan, or are looking to put a BDR strategy in place. Need help? Let’s talk.
If you’re grappling with the aftermath of a phishing expedition and need help NOW for a growing emergency, turn to Walker911.