Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: How to Avoid Phishing Scams

Tip of the Week: How to Avoid Phishing Scams

For many businesses, email plays a crucial role in the dessemination of information. Whether it is simply interacting with clients or pushing directions to individuals, email is a simple and efficient way to communicate. One problem that organizations are running into is that individuals are being inundated with social engineering messages called phishing. This strategy is causing major operational problems for businesses, from malware to data breaches to extended downtime. For this week’s tip, we identify what exactly phishing is and how it is used to the detriment of many businesses and other organizations.

What Exactly Is Phishing?

The practice of phishing is not new. It has been used for much of the past decade. The strategy goes like this: hackers use deception to get a user to provide their own credentials, thus giving them unknowingly to the hacker. The hacker then accesses the account legitimately (as the user) and has free reign over the entire account. Sometimes they will go in and siphon data and sometimes they will hijack the entire account, but regardless of the hacker’s intentions a successful phishing attack is a successful transfer of power over an account. 

What’s worse is that you can get phished in multiple mediums. Email is the predominant channel where phishing attacks are carried out, but people can (and do) get phished over social media, instant message, or via text message. There are even phone-based or snail mail phishing attacks that direct users to go to a fake website where they would provide their credentials and/or personal information. 

There are even different forms of phishing based on their intended targets. The general strategy behind traditional phishing attacks is to send emails out to as many people as possible, hoping to snare unwitting recipients into their phishing nets. Today, with more personal information available about people, there is phishing that targets individual people. This is called a spear phishing attack. Then there are spear phishing attacks that are carried out against business and organizational leaders. These are called whaling attacks. The intended imagery aside, phishing attacks are getting more direct, more deceitful, and more serious. 

Spotting Phishing

For all of the bad news surrounding phishing attacks, there is some undeniably good news: with a critical eye, you can tell when you are being phished. You aren’t going to fall for these types of attacks if you know what to look for. Today, we’ve put together a short guide on how to determine if you are dealing with a phishing attack and how to proceed when you are.

Look for Warning Signs

There are a litany of warning signs that will help you spot a phishing attack. Most of them are pretty obvious, and some of the more subdued ones come with telltale signs. 

Does the message have spelling and grammar mistakes? 

Not many businesses will send out official correspondence with grammar and spelling mistakes. This should be the first sign that something is amiss. Most phishing messages come from supposedly-reputable organizations and while a spelling or grammar mistake does happen from time-to-time, several mistakes won’t happen.  

Does the message deal with curious circumstances? 

One of the biggest telltale signs that you are dealing with a phishing attack is the tone of the message that is received. Does the message reference immediate situations that need to be remedied? Does it mention money or illicit a sense of fear or anxiety? If it has these elements, it’s probably not legitimate. Think about it: most organizations that need you to act immediately will have specific ways of contacting you and that correspondence will make it clear that you are dealing with a legitimate organization.

Does this message have a trusted URL?

Most phishing attacks will redirect to a website that is set up by the hacker. You probably shouldn’t be clicking on any links sent to you in an email unless you are sure who sent the email. One way to determine whether or not a link is from a reputable source is to mouse over the link and see where the link goes. If you get an email from Amazon and the link goes to amazorn.com, you are staring at a phishing email.

Protecting Your Assets

There are a couple simple ways to ensure that you or a member of your staff doesn’t fall for phishing attacks:

  • Use technology. A spam blocking filter on your email will go a long way towards removing unnecessary and potentially-malicious emails from hitting employee inboxes in the first place.

  • Training. Make sure your employees are trained to spot and properly handle attempts that may come through. By starting with the end user, you’re taking away a lot of the power that phishing has.

At Total Tech Care, we appreciate the importance of secure workplace practices. If you’d like to learn more about phishing, and how we can help stop it from hurting your business, reach out to us at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 23 September 2020
If you'd like to register, please fill in the username, password and name fields.

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Tip of the Week Security Technology Best Practices Cloud Business Computing Privacy Hosted Solutions Productivity Hackers Network Security Business Microsoft Efficiency Backup Google Workplace Tips Internet Email Innovation Malware Software Data User Tips Mobile Devices Computer Disaster Recovery Business Continuity Hardware VoIP IT Services Smartphones communications Smartphone Productivity Android Browser IT Support Miscellaneous Network Communication Outsourced IT Collaboration Upgrade Windows 10 Small Business Business Management Server Cybersecurity Managed IT Services Mobile Device Data Backup Phishing Cloud Computing Office Windows Quick Tips Save Money Chrome Tech Term Users Windows 10 Gadgets Data Recovery Virtualization Automation Social Media Cybercrime Holiday Managed IT Services Facebook Computers Saving Money IT Support Artificial Intelligence Hacking Microsoft Office Passwords BYOD Internet of Things Alert Managed Service Provider Operating System Telephone Systems Ransomware Health Mobile Device Management Bandwidth Networking Spam Social Engineering Wi-Fi Mobility Office 365 Information Managed Service Router Recovery Employer-Employee Relationship Law Enforcement BDR Remote Monitoring Money App History Information Technology Mobile Computing Applications Data Breach Application Remote Computing Private Cloud How To Mobile Office Managed IT Big Data Password Apps Office Tips Encryption VPN Human Resources Two-factor Authentication Data Security Covid-19 Mouse HaaS Paperless Office Bring Your Own Device Data Management Blockchain Work/Life Balance Data Storage Patch Management Word Flexibility Windows 7 Wireless Training Marketing Google Drive Gmail IT solutions Entertainment Website Settings Budget Government Avoiding Downtime Data Protection Virtual Reality Apple Save Time User Error Display Meetings Telephone System Cleaning Staff Connectivity Vulnerability Hacker Remote Work Scam Education The Internet of Things WiFi Lithium-ion battery Infrastructure Safety Voice over Internet Protocol HIPAA Sports Servers Vendor Management Redundancy Keyboard USB Firewall Black Market IT Consultant OneNote Computer Care SaaS Telephony Humor Samsung Document Management Comparison Solid State Drive Network Congestion Wireless Technology eWaste Downtime Social Business Technology Managed Services Provider CES Value Access Control Vendor Spam Blocking Electronic Medical Records Data storage Virtual Assistant Content Management Automobile Hiring/Firing Wearable Technology Processor Computing Infrastructure Retail Hard Drives Instant Messaging Machine Learning Going Green Software as a Service Robot Hard Drive Excel Employee/Employer Relationship Virus Conferencing Biometrics Risk Management Update Business Intelligence Unified Threat Management Battery Computer Accessories End of Support Shadow IT Botnet Audit Legal Worker Google Docs DDoS Physical Security IT Management Identity Theft Internet Exlporer Augmented Reality IT Plan Digital Signage Printer PDF Bluetooth Unsupported Software Fraud Proactive IT Environment Cryptocurrency Charger Fax Server Best Practice Procurement Compliance YouTube Help Desk Supply Chain Management Safe Mode Investment Recycling Scalability Business Owner Current Events GDPR Bitcoin Tablet Hosted Computing Wireless Internet ISP Netflix Amazon Web Services Two Factor Authentication Domains NarrowBand Personal Managed Services File Sharing ROI Root Cause Analysis Criminal Search Knowledge IaaS iPhone Music Maintenance Camera Batteries HBO Inventory Shortcuts Bloatware Skype Wire Cryptomining Online Shopping Digitize Data loss How to Leadership Specifications Files Troubleshooting Printers Remote Workers Consultant Tablets Outlook IT Assessment Entrepreneur Start Menu Smart Office Database Analytics Evernote Chromecast Peripheral Windows Server 2008 R2 Screen Mirroring Loyalty Millennials Colocation Books Shortcut Uninterrupted Power Supply Virtual Private Network Managed IT Service Best Available Frequently Asked Questions Authentication OneDrive WIndows 7 Cost Management Professional Services Manufacturing Windows 10s Wireless Charging Monitor Quick Tip Social Networking Cast Nanotechnology Security Cameras webinar Workforce Emergency Project Management Using Data Tip of the week Copiers Tools Biometric Security Public Cloud Cables Employer Employee Relationship Running Cable Reputation PCI DSS Streaming Media Assessment Content Telecommuting Tech Support Warranty Computing Memory Windows Server 2008 Development User HVAC 5G PowerPoint Cortana Windows Media Player Techology Laptop Customers Policy Virtual Desktop RMM Digital Signature Television Devices Smartwatch Audiobook Administrator Fiber Optics Messaging Managing Stress Enterprise Content Management OLED Google Apps Touchpad Procedure MSP Virtual Machine Science Accountants Public Computer Thought Leadership Employee Cameras Politics Advertising Transportation Microchip Trend Micro Regulations SMS Travel Password Management Cabling Computer Fan Rootkit SharePoint Distributed Denial of Service FinTech Customer Relationship Management Notifications Hypervisor Twitter Workers Credit Cards Benefits Search Engine Shopping Analyitcs AI Programming NIST Default App FENG Password Manager Multi-Factor Security Relocation Employees Customer Service Remote Worker Saving Time Smart Tech IBM Flash Addiction Google Search Printer Server Smart Technology Bing Social Network Remote IT Infrastructure Business Mangement Video Games Antivirus Worker Commute Supercomputer Trending Wiring Windows 8 Software Tips Practices Sync Cache Net Neutrality Experience Emails Amazon IT service Printing

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code