Emails you should be cautious about:
1. Emails Demanding Urgent Action
Be on your guard whenever you receive an email asking you for immediate action. Attackers often use this approach to rush recipients into action before they even take the time to study the email for potential flaws or inconsistencies.
2. Inconsistencies in Email Addresses, Links & Domain Names
If the domain name (after the "@" symbol) matches the apparent sender of the email, the message is probably legitimate; if not, it's almost certainly a scam.
Be cautious of public email domains (such as "@gmail.com"). Attackers might use a company's name before the "@," so please remember that the critical part of the address is what comes after the "@" symbol. Only this part of the email address can indicate the organization from which the email has been sent.
Last but not least, make sure the email address is spelled correctly. Phishing emails often use email addresses very similar to legitimate ones, with minor spelling errors (such as one different letter).
3. Emails containing Suspicious Attachments
Nowadays, most organizations share work-related files via collaboration tools such as Google Drive or Dropbox. Please always treat internal emails with attachments suspiciously, especially if they have an unfamiliar extension or one commonly associated with malware (.zip, .exe, etc.).
4. Emails Requesting Login Credentials, Payment Information, and other Sensitive Data
Emails requesting sensitive data should always be treated cautiously, especially from an unexpected or unfamiliar sender. Spear phishers can forge login pages to look similar to the real ones and send an email containing a link that directs the recipient to the fake page.
What to do when you are unsure it is a phishing email?
#1 Never click any links or attachments in suspicious emails.
#2 If the suspicious message appears to come from someone you know or from an organization you've been contacting:
1. Check the sender's address against previous emails from the same organization first;
2. Contact that person via other means, such as text messages or phone calls to confirm it.
#3 Get help from your IT Support
Report the email and wait for further instructions. When reporting the email, make sure you send it as an attachment, do not just forward it. It is crucial to ensure that all the necessary information is included.
Are you looking for an IT Provider? Learn more about how we can help right here.