During this pandemic there has been a massive increase of fake emails, known as "email phishing". Here at Network Engineering, we see too many hackers taking advantage of those unaware of how to identify fake emails. Below are several key ways to identify phishing emails to protect you and your business.
Our rule of thumb is, "If it smells like a phish, or looks like a phish. IT IS PROBABLY A PHISH!"
If you are AT ALL suspicious, don't open it!
1. Suspicious Email Address
If the address of the sender looks a little bit phishy, it's probably fake. For example, this email appears to be from Netflix, but the address does not end with @netflix.com
2. Suspicious Subject Line
Very rarely will you see a subject line like this. Use common sense and check for spelling errors.
3. Strange URL Address or Attachment
Oftentimes, phishing emails seem urgent, evoking a sense of taking immediate action. Most likely it will include an attachment or "click here" link that will open malware or virus on your computer. One way to overcome this is to hover your cursor over the link (DO NOT CLICK IT). In the bottom corner you can see the URL address that it leads to. If the address looks suspicious, or doesn't go to a credible domain (such as Netflix.com) delete it and run away!
4. Look for typo's or misspellings
Credible companies sending automated emails will most likely not misspell words, as they have multiple eyes on all email blasts to customers. You can usually rule out emails with typo's or poor grammar. Often, we see phish email
authors with "English as a second language", so sentence structure backwards may seem. Often we also see "Kindly respond" or "Kindly update your profile". I am not being phobic...just letting you know what we have seen recently.
Also, ANY changes in banking, wire transfers, or direct deposits should be followed up with a phone call to confirm authenticity. Most of the time when there is a financial loss, a wire transfer or ACH transfer is involved. Also, requests for or transactions involving gift cards is highly suspect of a phishing scam.
If at any point you see an email that is questionable, contact us! Seeing more than our share of phishes, we can likely identify it (even the "species" of phish). We have tools to check attachments and URL's as well. We also have tools that can be used to block these types of emails from being delivered to you or your coworker's mailboxes, and ways to report emails that DO get through, to phishing blacklists.
Stay safe and secure! If you have become a victim of email phishing, contact NE-INC here to recover lost data and protect your business moving forward.