Phishing emails are used to steal user data, including login credentials and credit card numbers. It happens when a hacker, pretending to be someone familiar, tricks their victim into opening an email, instant message, or text message and clicking on a malicious link. This typically leads to the installation of malware, shutting down access to data as part of a ransomware attack or the revealing of sensitive information.

Phishing attacks account for more than 80% of reported security incidents. Top cybersecurity facts, figures and statistics | CSO Online

With these types of crimes on the rise, it’s essential to learn how to spot a phishing attack. Look for these common signs.

  1. Inconsistent URLs or Email – When you get an email, always check the sender’s address – does it match the organization it claims to be from? If you hover over the URL, does it show you what you’d expect? These two telltale signs can often alert you to a phishing attack. If either of them don’t match what you expect to see, don’t click!
  1. Attachments – Phishing emails often use attachments to spread viruses and malware. Never open an attachment from an unknown sender or one you weren’t expecting.
  1. Bad Spelling and Grammar – Phishing emails often have grammar and spelling errors, or appear like they were computer generated. If the email is full of mistakes, be wary.
  1. Requests for Information – If you get an email asking for your login credentials, your financial or tax information, or other sensitive information, it’s likely a phishing scam. Reputable businesses won’t ask you to email this type of data.  If you get a request for your W-2 form purporting to be from your HR department, don’t hit “reply” – rather, speak directly to someone from your HR department to verify it.
  1. Something Seems Off – Often phishing emails just don’t seem right. It may be a difference in the company logo, the colors or maybe the formatting seems off. Whatever it is, trust your gut – if it looks wrong, it probably is.
  1. Urgency – Phishing emails that create a sense of urgency get the most clicks. If you receive an “important” or “urgent” message from human resources or upper management, chances are you’re going to want to know why. If an email warns that your password is about to expire, you’ll want to change it. Approach these emails with caution; their goal is to make you act without thinking, so be sure to stop and think and verify that the email is legitimate.

Always err on the side of caution and notify your IT department of any suspicious emails. At MOM we help our customers thwart threats just like these every day. Ask us about our security solutions for your business. Let us help protect your business in 2022!