If you have an email account, odds are you’ve received a suspicious-looking email at some point attempting to lure you into clicking a strange link or entering your credit card number. This tactic is better known as phishing. Phishing isn’t by any means a new scam; it has been around for many years and continues to grow in popularity as criminals get more and more creative in their attempts to steal innocent users’ data.

Despite the technological advances of anti-virus software and early detection efforts, phishing attacks seem to be here to stay. Nowadays, everyone is considered a target, but especially businesses, which house large amounts of sensitive employee and client information. As a result, it is important for business owners to educate their employees on how to detect phishing attempts and the importance of preventing these attacks to protect the organization as a whole.

In light of Cybersecurity Awareness Month, Doeren Mayhew’s dedicated IT Advisory and Security Group highlights common phishing attempts to help keep your organization protected.

Tell-Tale Signs of Phishing Attempts

You may be thinking, “I can tell the difference between a genuine email and a spam one, no problem!” However, with the sneakiest attacks there is more than meets the eye. Here are 10 easy ways to evaluate an email and determine if it is a phishing attempt:

1. Check the Sender

Expand the email address to make sure it appears legitimate, whether that means an individual you know or a business you regularly engage with.

2. Hover Before You Click

Hover over the link and verify that the address it points to matches the link’s description. Phishers are capable of copying email templates and branding to make emails appear as if they’re from a trusted sender, but will swap the links with fraudulent ones, leading users right into a trap.

3. Be Skeptical of Urgency

Phishing emails commonly use urgency to bypass better judgment. Again, if it’s not an individual or business you commonly communicate with, there is never a need for urgency.

4. Be Cautious with Attachments

Simply opening an attachment can be enough for an attacker to install malware. Cybercriminals commonly use attachments with intriguing names, but resist the urge to open them!

5. Check the Spelling

Malicious emails are known for bad grammar and spelling – an easy red flag.

6. Check the Email Signature

Most sincere senders include a full email signature that matches their address. If a sender’s email signature contains contact information, a quick Google search could help to verify they are who they say they are.

7. Protect Personal Information

Legitimate companies rarely ask for sensitive personal information via email. If you are concerned about a request, you can always call the company’s phone number listed on their website and speak with someone to confirm the validity.

8. Check for Vague Introductions

“Valued Customer” or similar intros are potential signals the email is from an outsider sending mass communications and waiting for someone to bite.

9. Trust Your Gut

If something seems slightly off, don’t doubt your intuition! Make a call or report the email as soon as possible.

10. Report, Report, Report

Tech support and management would rather check a suspicious email than put an entire organization at risk – do your part and escalate suspicious emails to your IT team!
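
For an IT team triaging reported emails, the checks in tips 1 and 2 can be partly automated. The following Python sketch is an added example, not part of the original article: it flags a sender whose display name imitates an address on a different domain, and links whose visible text names one site while the underlying address points to another. The function names and the sample message are constructed for illustration, and links with generic text such as "click here" are not covered.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every domain is a reserved example name.
SAMPLE = """\
From: "billing@example.com" <notice@example-billing.test>
Content-Type: text/html

<p>Confirm at <a href="http://example.com.login.test/v">https://www.example.com/v</a>
or read the <a href="https://help.example.com/faq">help.example.com FAQ</a>.</p>
"""
DOMAIN = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class Links(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)  # buffer is reset at <a> and read at </a>
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, "".join(self.text).strip()))
            self.href = None

def same_site(shown, actual):
    """True if the real host is the displayed host or a subdomain of it."""
    shown, actual = (h.lower().removeprefix("www.") for h in (shown, actual))
    return actual == shown or actual.endswith("." + shown)

def check_email(raw):
    msg, findings = message_from_string(raw, policy=policy.default), []
    for sender in (msg["From"].addresses if msg["From"] else ()):
        shown = DOMAIN.search(sender.display_name)  # tip 1: name imitates an address
        if shown and not same_site(shown.group(1), sender.domain):
            findings.append(("sender", shown.group(1), sender.addr_spec))
    body = msg.get_body(preferencelist=("html",))
    parser = Links()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.found:  # tip 2: text names one site, href another
        shown, host = DOMAIN.search(text), urlparse(href).hostname or ""
        if shown and not same_site(shown.group(1), host):
            findings.append(("link", shown.group(1), host))
    return findings
```

Calling `check_email(SAMPLE)` reports the spoofed display name and the first link, while the second link passes because its text and address agree.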

Stop Phishers in Their Tracks

With phishing attempts continuing to become more and more clever, the best offense is a good defense. Doeren Mayhew’s IT Advisory and Security Group works closely with organizations to evaluate their current information systems environment and advise on how to help keep them protected through our CYBERCLAW™ suite of IT solutions. To learn more about how we can help you to manage cybersecurity risks such as phishing attempts, contact us today.