Advantage IT Management Blog

You Have to Think Before You Click

You Have to Think Before You Click

Phishing attacks are more commonplace than you might think. Whether it’s scamming someone into sending payments to fund who knows what or simply spreading malware or viruses, these phishing attacks are a part of doing business; therefore, it’s important that you take measures to avoid some of the most clever tricks in the book. Let’s examine some of them.

Defining Phishing

Phishing attacks are attacks that come in the form of actual legitimate emails. Cybercriminals try to trick users into handing over important credentials, sharing important information, and downloading malware. Phishing emails are particularly dangerous because they can seem quite real. A phishing attempt for your PayPal information could look just like your everyday PayPal message. To make matters worse, phishing emails instill a sense of urgency in their targets, spurring them to take immediate action to pay an overdue bill or change a stolen password.

How to Spot a Phishing Attack

Even the best of us can be tricked by phishing scams from time to time, and it’s all because they can take so many different forms. Thankfully, there are plenty of ways you can prepare your team to identify phishing scams. Here are some tips to consider:

  • Maintain strong, unique passwords: If your account is ever hacked, then the least you can do is make sure that the password you use for that particular account isn’t used anywhere else.
  • Check the email address in the header: Make sure that emails appearing to come from a particular domain are, in fact, actually coming from that domain. For example, whatshisname from PayPal should have an email address of . However, you need to make sure that emails aren’t coming from a subtle domain like . Of course, you have to be exceptionally careful about any messages asking you to click links or submit sensitive information.
  • Don’t automatically download attachments: Most malware will find its way onto your network through email attachments. If you haven’t specifically requested an attachment, it’s safe to say that you should be more than a little skeptical if you receive one in an inbox. If you have any reason to doubt the authenticity of the attachment, you should take a moment to reach out to the sender in an alternative form of communication and confirm that it works.
  • Look before you click: If the email has a link in it, take a moment to hover your mouse over it before you click. This gives you the true nature of the link. Here are some examples of legitimate and suspicious URLs:
    • Paypal.com - This is safe. That’s PayPal’s domain name.
    • Paypal.com/activatecard - This is safe. It’s just a subpage on PayPal’s site.
    • Business.paypal.com - This is safe. A website can put letters and numbers before a dot in their domain name to lead to a specific area of their site. This is called a subdomain.
    • Business.paypal.com/retail - This is safe. This is a subpage on PayPal’s subdomain.
    • Paypal.com.activecard.net - Uh oh, this is sketchy. Notice the dot after the .com in PayPal’s domain? That means this domain is actually activecard.net, and it has the subdomain paypal.com. They are trying to trick you.
    • Paypal.com.activecardsecure.net/secure - This is still sketchy. The domain name is activecardsecure.net, and like the above example, they are trying to trick you because they made a subdomain called paypal.com. They are just driving you to a subpage that they called secure. This is pretty suspicious.
    • Paypal.com/activatecard.tinyurl.com/retail - This is really tricky! The hacker is using a URL shortening service called TinyURL. Notice how there is a .com later in the URL after PayPal’s domain? That means it’s not PayPal. Tread carefully!

Of course, all organizations handle domains differently, but these rules above should give you an idea of what to look for in illegitimate addresses.

Training your employees to identify these phishing emails will go a long way toward keeping your business secure. Advantage IT Management can help you implement solutions designed to limit the threat of phishing attempts and help your employees stay aware of the dangers. To learn more, reach out to us at 251-662-9770.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, September 17 2019

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy Cloud Productivity Network Security Hackers Malware User Tips Hardware Efficiency Google Computer Microsoft Communication Data communications Tech Term Smartphones Internet Cybersecurity Innovation Email Software Outsourced IT VoIP Business Backup Mobile Device Ransomware Business Management Managed IT Services IT Support Passwords Smartphone Android Hosted Solutions Small Business Windows 10 Apps Users Browser Mobile Devices Alert IT Services Miscellaneous Gadgets Network Managed IT Services Social Media Windows Applications Collaboration Microsoft Office Bandwidth Save Money Cloud Computing Internet of Things Data Backup Wi-Fi Workplace Tips Employer-Employee Relationship Holiday Information Data Recovery Business Intelligence Saving Money Business Continuity Gmail Data Management Upgrade Blockchain Access Control Computers Office Wireless Password Virtualization Facebook Twitter Chrome Managed Service IT Support Router Quick Tips Settings Laptop Mobile Device Management Hosted Solution Automation Excel Physical Security Office 365 Battery Analytics Phishing Workers Cybercrime Telephony Paperless Office Politics Networking Company Culture Vulnerability Law Enforcement VoIP Marketing Word Patch Management Data Breach BYOD Value Government Health VPN BDR Productivity Apple Virtual Assistant Maintenance Data Protection HIPAA Education Website Recovery Cost Management Net Neutrality Disaster Recovery Voice over Internet Protocol Healthcare Virus Update Artificial Intelligence iPhone Telephone Systems Dark Web Remote Monitoring and Management Spam Smart Technology Data Security G Suite Mobility Operating System Medical IT Wireless Charging Tip of the week Scam Managed IT Service Remote Computing Going Green Remote Monitoring Tech Terms Connectivity Processor Server Cortana RAM Retail How To App Hacking Compliance Remote Support Social Engineering Taskbar Display eCommerce Plug-In instant Messaging Printing Hard Disk Drive Staff Two-factor Authentication Conferencing Cables Wearables HP Shortcut WhatsApp Spotify Botnet Error Server Management Trends Spam Blocking Sales Microsoft Teams Help Desk Bitcoin SaaS Mobile Security Human Resources Social Troubleshooting National Security Benchmarks Biometrics Online Shopping Technology Tips Proactive IT Vulnerabilities Paper Touchscreen Video Antivirus Websites Content Filtering Document Management Database A.I. Email Management Sports Tablet Lithium-ion battery Managing Stress Certification Payment Cards WannaCry Environment Emergency Reporting Employee-Employer Relationship Automobile Ink Copy Uninterrupted Power Supply File Sharing Windows XP Outlook Risk Management Backup and Disaster Recovery Search Streaming Media Cryptocurrency The Internet of Things IT budget Microsoft Office 365 Customer Service Millennials Safety Multi-Factor Security User Tip Digital Tactics News Cabling Machine Learning Movies Knowledge Webcam Hard Drive e-waste Phone System Licensing Current Events Electronic Health Records IT Management PowerPoint Paste User Security Profitability Entertainment Printer Server Hard Drives Access Google Maps Tech Support Analysis Windows 7 Authentication OneNote Updates Managed Service Provider Amazon E-Commerce Edge Internet Explorer Telephone System Managed IT Telecommute Unified Communications Files Comparison DDoS Bring Your Own Device Training Cleaning Processors disposal Travel GDPR Employees Business Technology Office Tips Eliminating Downtime Recycling Printers SSD Work/Life Balance Time Management Worker Authorization Windows Server 2008 R2 Information Technology Voice over IP Dongle Telecommuting Avoiding Downtime eWaste Best Practice Payment Big Data Threat Data loss Google Drive Specifications Distributed Denial of Service Hybrid Cloud Security Cameras Spyware Gadget Live Streaming Windows 10 Storage Solid State Drive Network Attached Storage Downloads Remote Control Disaster WiFi Wireless Internet Batteries Personal Information Lead Generation Inventory Chrome OS Printer Instagram Credit Cards Encryption Gaming Console Freedom of Information Regulation Employer Employee Relationship Television Vendor Management Video Games Autocorrect Thank You IaaS Hiring/Firing Administrator Synergy CrashOverride Money Congratulations HaaS Financial Staffing Emoji Budget Scheduling Samsung Dark Data Trending Leadership Internet Exlporer Unified Threat Management Chromecast Scalability Yahoo Wireless Technology Computer Care

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Mia Taylor Tip of the Week: How to Handle a Paper Jam Without Freaking Out
13 September 2019
You have posted a fantastic blog! This is the best blog, most concise step by step guide. Toshiba te...
Galvin Caldwell How and Why Cyber Crime is so Effective
06 September 2019
Cyber crime is the crime has the well recognized worth all over the world due to the lack of the sec...
Abby Aspinall Ransomware Increasingly Targets Android Devices
27 August 2019
Ransom ware has some targets that were among the all android devices that were good to be read over ...
JozephChristopher Google Wants You to Tweet Emojis at Them. Here’s Why
22 August 2019
As per my research with a dissertation writing services company, Google was working on this from a l...
Chris Greenwalty Most Noteworthy Data Breaches in 2019
21 August 2019
Since there are many threats that we are listening about data breach. You need to figure out the bes...