Detecting a Phishing Email

Hello Charlotte, Huntersville, Davidson, Mooresville, NC

Detecting a Phishing Email

10 Things to Watch for:

With the uptick in ransomware infections that are often instigated through phishing emails, its crucial to take proactive measures to help protect the organization’s security.

1) Don’t trust the display name of who the email is from.

Just because it says it’s coming from a name of a person you know or trust doesn’t mean that it truly is. Be sure to look at the email address to confirm the true sender.

2) Look but don’t click

Hover your mouse over parts of the email without clicking on anything. If the alt text looks strange or doesn’t match what the link description says, don’t click on it – report it to IT by opening a ticket with our helpdesk, website chat or immediately

3) Check for spelling errors.

Attackers are often less concerned about spelling or being grammatically correct than a normal sender would be.

4) Consider the salutation.

Is the address general or vague?

Is the salutation to “valued customer” or ” Dear (insert tittle here)?

5) Is the email asking for personal information?

Legitimate companies are unlikely to ask for personal information in an email

6) Beware of urgency

Their emails might try to make it sound as if there is some sort of emergency (e.x, The CFO needs a $1M wire transfer, or Hey Stephanie, can you tell me my credit card information)

7) Check the email signature

Most legitimate senders will include a full signature block at the bottom of their emails.

8) Be careful with attachments.

Attackers like to trick you with a really juicy attachment. It might have a really long name, it might be a fake icon of Microsoft Excel that ins’t actually the spreadsheet you think it is.

9) Don’t believe everything you see.

If something seems slightly out of the norm, it’s better to be safe than sorry. If you see something off, then it’s best to report it to our support team

10) When in doubt, always contact your IT team.

No matter the time of day, no matter the concern, our IT staff would rather have you send something that turns out to be legit than to put your company at risk.