CyberSecurity Awareness Month – Recognizing and reporting phishing
The reviews are in: phishing is popular among hackers and can be catastrophic for both individuals and organizations. Phishing makes up 44% of social engineering incidents, and 98% of phishing incidents are via email. But it isn’t enough to simply know that phishing emails are out there; you also need to be able to recognize and report them. Let’s preview some of the scripts used by hackers in their big heists this year:
- Emails that contain an offer that’s too good to be true
- Language that’s urgent, alarming, or threatening e.g. your Netflix account will be deactivated if you don’t update your password!
- Poorly-crafted writing with misspellings and bad grammar – Bad Grammar, It’s A Scammer
- Greetings that are ambiguous or very generic – e.g. email says Dear Customer, instead of using your first name like Dear Daren,
- Requests to send personal information – e.g. username and password
- Urgency to click on unfamiliar hyperlinks or attachment – NOTE links should always match the domain of the service
- Strange or abrupt corporate communications
- Sending e-mail address doesn’t match the company it’s coming from
If you suspect an email is phishing, it’s best to report it to your IT department, or to the company that it’s pretending to be sent from. Here are some links to the more popular websites that will help you to report Phishing scams related to their service:
0
