Lots of evidence has surfaced this year that phishing is increasingly hitting organizations. This upward-trending activity only underscores why organizations need cyber security training for their employees.
Fortunately, it’s less about rocket science and more about awareness and common sense. Still, as we’ve spotlighted previously, even the experts can be targeted.
Check Point researchers have outlined six tips your employees can use to defend themselves against phishing attacks. Here they are below, as outlined in SCMedia.
- Look at the Sender
An email out of the blue from someone you don’t know is cause for concern. Also, does the sender’s email address look odd? If it contains letters out of order, a punctuation mark that shouldn’t be there, an extra letter in the address, or has a zero “0” substituted for the letter “O,” then chances are it’s a phishing email.
- Examine the Addressee List
Notice how many other people received the email. If you don’t know these individuals, then it may be best to leave the email unopened. If the list of recipients includes a large number of coworkers who don’t usually interact, then this is a sign of a wide-scale phishing attack. Don’t open it!
- Suspect the Subject
If the e-mail subject is not something you’d anticipate receiving, then be wary, especially if the email is a reply to an email you didn’t even send. If this happens to you, rely on common sense and ignore the e-mail.
4. Scrutinize the Timing
When was the e-mail sent? Even if you communicate with those around the globe, be cautious of emails that are sent at unexpected times.
5. Avoid Strange Attachments and Hyperlinks
Do not open attachments you didn’t expect. Be cautious of file types you may not usually receive, and don’t open it if the file has a weird name or contains unusual symbols.
6. Beware of Unsettling Content
An email that urges you to act immediately, such as logging in to your bank account, is often a sign of a phishing attack. Even if you think the email is real, don’t click on the link within it. It could lead to an illegitimate website that will steal your information. Log in to your account from the company website directly or give the company a phone call.
Get the full story at SCMedia.