Cybercriminals Aren’t Stopping
Cybercriminals wouldn’t be very successful if they kept doing the exact same things. As they change their tactics, you need to stay up to date so you can continue to defend your business effectively.
You’ve heard that fact about sharks, that, if they stop moving, they’ll die, right?
In a way, it’s the same for cybercriminals. As soon as they rest, they become ineffective. The reason so many cybercrime strategies continue to work is because hackers keep adapting them.
Phishing (and all social engineering techniques) is about the element of surprise. If they can make you believe that they’re your bank, your boss, or a close friend, then you’re that much more likely to download malware or give up your SSN.
That’s why you need to know how cybercriminals operate – then they won’t be able to fool you.
Phishing & Its Evolution
Just to make sure we’re all on the same page, let’s start with the basics.
What is phishing? It’s a method in which cybercriminals send fraudulent emails that appear to be from reputable sources in order to get recipients to reveal sensitive information and execute significant financial transfers.
The thing is, just because you’ve seen one phishing email doesn’t mean you’ve seen them all. Just this year, a new variation of phishing was discovered, in which cybercriminals embed malware in emails and disguising it as a voicemail recording.
Why Is Phishing Effective?
Honestly? It’s your fault.
Yours, and everyone else that keeps falling for these obvious scams.
OK, maybe that’s unfair – they’re not necessarily obvious if you don’t know what to look for. But that’s the thing – once you know the signs, you can spot a phishing email a mile away.
The fact is that businesses aren’t learning to protect themselves, which is why the number of reported phishing attacks has gone up by 65% in the past few years.
And it’s vital that you do – after all, the average phishing attack costs businesses $1.6 million.
So let’s show you how…
What Do All Phishing Emails Have In Common?
Share these tips with your employees to ensure they know how to spot a phishing attempt:
Watch For Overly Generic Content And Greetings
Cybercriminals will send a large batch of emails. Look for examples like “Dear valued customer.”
Examine The Entire From Email Address
The first part of the email address may be legitimate, but the last part might be off by a letter or may include a number in the usual domain.
Look For Urgency Or Demanding Actions
“You’ve won! Click here to redeem a prize,” or “We have your browser history pay now or we are telling your boss.”
Carefully Check All Links
Mouse over the link and see if the link’s destination matches where the email implies you will be taken.
Notice Misspellings, Incorrect Grammar, & Odd Phrasing
This might be a deliberate attempt to try and bypass spam filters.
Don’t Click On Attachments Right Away
Virus containing attachments might have an intriguing message encouraging you to open them such as “Here is the Schedule I promised.”
What If You’ve Already Been Scammed?
Don’t be too embarrassed – it happens to thousands of people across the country, and even more around the world every day.
If you think you may have compromised your data, then the next step is to find out if it’s for sale online. If it is, there’s one place you have to check first – the Dark Web.
The Dark Web is like the black market of the Internet – if your personal or business data has been stolen is being sold, that’s where it’ll be.
Alvarez Technology Group can help you check – in honor of Cyber Security Awareness Month, we’re offering a free Dark Web Scan – contact firstname.lastname@example.org to claim yours.
Like this article? Check out the following blogs to learn more: