Keep Your Business Safe From Phishing Scams
Businesses may receive emails from vendors or suppliers about banking changes, missed payments, or a change in banking information and need a new form of payment to be sent to a new account.
An unsuspecting financial employee may think their company’s suppliers were just going through some changes and ned up processing the payment or banking information.
Then, a few days later, the company will receive a phone call from the actual vendor inquiring why they haven’t received payment. What happened? Didn’t they just request a change in banking information?
Unfortunately, untrained and unsuspecting employees fall victim to phishing scams, costing businesses millions of dollars.
What is Phishing?
Phishing is the most common type of cyber attack where criminals impersonate brands, banks, employees, and trusted business partners to manipulate people into downloading malware, or ransomware, visiting fake websites, or providing confidential information resulting in a financial loss.
Phishing attacks can be deployed through emails, over the phone, through social media, and messaging apps to reveal:
Credit Card Details
Bank Login Information
Social Securit numbers
How To Identify A Phishing Scam?
According to CoFense, a phishing defense solution, companies that train employees to identify and report attempted phishing attacks only have a 5% susceptibility rate to phishing. Here’s how to spot them:
SPOT IT #1: Poor Spelling and Grammar
Many cyber criminals don’t take the time to create clear and convincing emails, something brands take time to do, and foreign cybercriminals typically rely on something like Google Translate to translate their message.
If you receive a poorly written email, double check the sender name and email. Cyber Criminals can also fake the name on the email, but they can’t fake the email address.
Response: Forward the Email to your Cyber Security Team to investigate any emails in question.
SPOT IT #2: Suspicious Links
Phishing scams can lure people into clicking a link or downloadable attachment with malware and ransomware. The links can also take you to a malicious site.
Is the URL shortened?
Is the URL a look-a-like?
Remember, Cyber Criminals can insert a hyperlink into a text like a legitimate website, but it actually takes the user to a malicious or fake website.
Response: Do not click the link or text, but hover your mouse over the link to see what lies behind the mask.
SPOT IT #3: Fake Email Address
As previously stated, cybercriminals can impersonate your brand’s voice, formatting, logo, address, and contact name but can’t imitate your sender address.
Can you spot the difference in the email addresses below?
This is a trick! In the second email, we put a CAPITAL “I” in place of the lowercase “l” in the word “circle.”
Cyber Criminals are hoping you won’t check the sender’s email address.
Response: Check the email signature, sender name, sender email address, and spelling and grammar of the website. Additionally, ask, “why?” Why are they asking me to click on the link or provide confidential information over email?
As previously suggested, send all emails in question to your cyber security team in addition to calling your contact who sent you the email to confirm they sent the email.
As a professional digital agency, we help businesses build and maintain websites that stand out from competitors to connect their customers with a story. Our top priority is to help you focus on running your business; we know you can’t afford to be sidetracked by scammers.
Book a FREE Consultation Now: Click Here