In the past year, ransomware attacks and phishing emails have risen sharply. According to VirusTotal, more than 130 different types of ransomware have been detected since 2020 as stated in the Ransomware Global Context Report. This is a matter of concern for small businesses as well as big businesses, especially those running business networks over cloud services.
Deceiving Emails are a Threat in the Workplace and At Home
You might think it's safe to click a link in an email or open an attachment, but it's important to assume it could be a trap.
Our inboxes are overflowing to the point that we barely skim email messages and sometimes we make quick and costly decisions. Not studying email messages can lead to unnecessary risks. This is because there may be clues on the surface of the message that can warn you the email you received may be a phishing scam.
What Can Happen If You Take the Bait?
Here are just a few of the things you can do if you fall into a phishing attack:
|
In Your Personal Life:
|
At Work:
|
Attackers Use Many Tricks to Fool You
There are three primary threats within phishing messages: malicious links, infected attachments, and fraudulent requests for the recipient to return sensitive information (like login credentials, credit card details, etc.).
However, this may make it seem like phishing is a “simple” thing – when it most certainly is not. There is really no limit to the types of tricks and the different styles of messages that attackers will use to attempt to fool you.
Some ways hackers might try to fool you is through messages that may seem very personal; they can include your name, reference relevant details of your job or personal life, and even may look like they are from someone you know well or email with on a regular basis.
Some of the most dangerous phishing messages are those that appear to originate from well-known entities such as the IRS and other tax bodies, trusted software and service providers, well-known retailers, financial institutions, and applications; and even messages that mimic internal notifications like those you might see from your IT department or Human Resources staff.
Unfortunately, you can’t make any assumptions about email messages because things are not always what they seem to be.
You Are an Important Line of Defense
When it comes to phishing scams, it's important to remember that things aren't what they look like. In reality, the email message looks legitimate. For example, an email sent from your company's IT address asking you to download new security software may appear to be reliable. It looks real and has become a hot topic. But is it really the process your IT department follows?
Many email recipients don’t realize how important their actions are – and that they are a critical part of phishing prevention. Remember:
- Your IT team works hard to protect you … but there are no technical tools that are 100% effective at blocking phishing emails.
- Attackers need your participation to succeed. Phishing emails only work if you take the bait.
- It’s important to know what to look for and what to do if you receive a suspicious message. Knowledge is power!
And one last reminder: If you have received a message that seems suspicious or malicious, follow your organization’s policy for reporting it. This is an important step in phishing defense as your attention and quick thinking can help your IT team identify and address an active attack on your organization. This helps to protect your coworkers, your company, your customers, and you.
Dominion Voice and Data can help make cybersecurity part of your daily routine. Visit the IT Managed Services page to learn more.
