Featured image for “How to Recognize & Avoid Phishing Attacks”

How to Recognize & Avoid Phishing Attacks

A phishing attack is a a type of attack often used to steal user data, login credentials, credit card numbers, and more. It usually arrives in your inbox as a fake email that’s designed to look like it’s coming from a trusted source. The phishing email tries to trick you into clicking on a malicious link or email attachment while attempting to look legitimate. If a malicious link is clicked or attachment is opened, it can lead to things like malware infections and ransomware attacks. If you are tricked into revealing personal information, this can lead to identity theft and financial losses. Depending on the scope of the attack, a phishing attempt could escalate into a security incident from which businesses can have a difficult time recovering.

Check the Sender’s Email Address

If an email seems suspicious, check to see if the the sender’s email address looks legitimate. For example, if you receive an email from a company claiming to be named “Acme”, the sender’s email address usually includes the company name (E.g: SendersName@Acme.com).

Check the Salutation

Trusted sources usually address you by your name. If the first line of the email starts with “Dear customer”, or something equally impersonal, this may be a warning sign.

Mouse Hover on Links

Often times phishing emails contain malicious links that can lead you to an unsafe website. Instead of clicking on a link you’re unsure about, there’s a method you can try that will give you a clue as to where that link will take you. If you’re accessing your email from a desktop computer, try hovering your mouse cursor over the questionable link (but don’t click on it). Many desktop browsers and email clients will show you the full URL of where that link will take you in the bottom left hand corner of your screen when you mouse-hover on a link.

Check the Footer

Many legitimate emails include a company’s physical mailing address in the footer section for contact purposes. See if the mailing address in the footer of the email matches the company’s real mailing address.

Check Email Header Information

Many times emails can be cleverly disguised to get past spam filters and are not easily identifiable as malicious. If you suspect that an email is spam or malicious but are not 100% sure you have the option to look at the email header. This is a bit more technical but provides a great deal of information regarding the email sender, mail server, etc. This information can help you determine if the email originated from a legitimate sender. Most popular email services and email clients provide options to read the email header.

Verify by Phone

Call the sender’s company to verify the validity of the email. Look up the sender’s company phone number by searching any trusted source (official company website, etc.). If you are able to speak with a company representative, ask them about the email in question. Be cautious though, some scams try to trick you by phone as well.

Ask a Professional

If you’re still uncertain, you can always contact us to to investigate the email in question.

Back to News