We’re all aware of the upsurge in attacks by bad actors against our IT infrastructure and privacy. Businesses are suffering from thefts of email lists, ransomware attacks, and brute-force attacks on their networking infrastructure. However, a more insidious attack may be lurking in the most unlikely of places—your email inbox.
Email “phishing” is the practice of sending a fraudulent email order to gain personal information or access to otherwise secure systems. It commonly takes place in an email message that appears to be from a legitimate source such as a business, or less frequently, a personal contact. Historically these emails would ask for a reply with specific information, but increasingly common are messages incorporating malware which can install monitors, keyloggers, or other types of security hacks into your system. Not only workstations are susceptible—mobile devices such as tablets and smart phones can also be infected by these attacks.
The best form of security against phishing attacks is an evaluation of intent. Were you expecting an email from this source? Would the source in question ask you to click on a link or submit secure information? Is this a source you regularly correspond with? Under no circumstances should you ever click a link or open an attachment that you are not 100% sure is safe.
If the email has textual inconsistencies, such as poor grammar, misspelling of your name, or utilization of generic greetings rather than utilization of your proper name, immediately delete it. It goes without saying that you should always have an up-to-date virus checker and malware checker on your device to further protect yourself.
Lastly, if anything about the message seems odd, simply delete it and follow up with the purported sender. No legitimate business will ever ask you for security information, passwords, or other personal information. The chances are good that, when you reach out, the business or person in question will have no idea that you’ve been contacted. It always pays to verify if there is any question at all about the veracity of any message you receive.
NSC Information Technology Group knows the ins and out of preventing scams like email phishing and other common security issues. They can answer any questions you might have about best practices and developments in email and device security. Contact them today and secure your email and your business.