The Inspirus Blog

Don’t Feed the Phish: How to Keep Companies and Individuals Safe from Phishing Attempts

Posted by Allen Holman

4/4/17 9:00 AM

Phishing-Cybersecurity-Email-Banner.pngWhether at home, at work or on the go, 21st century technology allows us to be “connected” to the web at all times. Answering emails, checking social media and browsing the internet on an hourly basis have become common in today’s world, and the span of technology only continues to increase. However, with this high-tech era comes phishing: a new and common gateway for criminals and hackers to steal private information. Phishing is a way that criminals attempt to obtain access or sensitive data such as usernames, passwords and credit card details through a disguised email acting as an invoice, bank statement or password reset notification. Phishing can occur through almost any communication medium including automated phone calls, social media and email, and can happen anywhere you can be enticed to click on a link, open a document or disclose sensitive information.

Here at Inspirus, an employee engagement technology company, we take cybersecurity very seriously in order to protect our company, employees, clients and community. We seek to influence an individual’s ability to carry out activities with ease and efficiency while also improving their physical environment so that they feel comfortable and safe – factors that can be negatively impacted by phishing. Whether at work or at home, anyone can be susceptible to phishing. However, by being aware of the signs and taking precautionary measures, you can significantly lower your chances of losing valuable information to cybercrime.

Don’t get hooked: Six signs that you have encountered a phishing attack

  • Unexpected links or attachments that persuade you to click on them – especially if you hover over a link and it leads to a website unrelated to the email. Think before you click!
  • Documents or emails that ask you to do something in an urgent or quick manner and skip the normally required safeguards like security protection.
  • Content has poor grammar, misspellings and incorrect usage of capitalization and/or punctuation.
  • Emails from companies that you do not do business with or have never heard of before.
  • Requests for personal or secure information like your social security number, bank information, usernames and passwords.
  • Emails from someone you know, but the email address is unfamiliar or misspelled.

Think it through

Phishing generally relies on scaring you into taking action before you logically think through what you are being asked to do. Taking precautionary measures ahead of time such as turning on two-factor authentication and recovery options for critical accounts will save you time and the loss of pertinent information if you were ever to be affected by phishing.

If you believe you have encountered a phishing attempt, here are some tips to keep in mind in order to ensure you do not fall victim to a cybercrime attack.

  • If you think you have received a phishing email, mark it as spam. Don’t click on any links, open attachments, reply to sender or forward it on to someone else.
  • If something smells “phishy,” it probably is! For example, is someone who claims to work at your bank asking for your social security number or credit card information? If you receive an email claiming to be from a company but it looks suspicious, don’t click on anything. Go straight to the source and call them directly.
  • At work, know your company’s security policy. There may be specific ways or avenues to report phishing attempts. Organizations are responsible for a community of different people – clients, employees and shareholders. Everyone is responsible for the information security within a company and has a duty to be aware of the threats that are faced.
  • Keep a list of phone numbers to contact businesses that know your personal information such as banks and credit card companies. If you suspect that you’ve already been phished, call the businesses directly on a verified phone number so that you know you are talking to the company and not an imposter.

Oftentimes, phishing campaigns don’t target specific people – cybercriminals cast wide nets in hopes that just a few will be tricked in order to make a profit anyway they can, whether it’s stealing money directly from bank accounts or reselling personal information on the black market. Phishing can happen to anyone, but the best thing you can do is be actively aware of all emails, phone calls and messages you receive. Taking the necessary precautions ahead of time can safeguard you and others from phishing, while giving you peace of mind that your private and sensitive information is protected.

Topics: phishing, cybersecurity, email, technology