It uses social engineering techniques and computer programming to lure email recipients and Internet users into believing that a fraudulent website is legitimate. When the phishing victim clicks the phishing link, they find that their personal identity vital information and even money have been stolen.
What’s the difference between Phishing and Spear Phishing?
Phishing emails are sent to the general public. They often impersonate a government agency, bank, the IRS, social networking site or store like Amazon.
Spear Phishing emails target specific individuals. They are personalized with facts about you or your business to draw you in. And they appear to come from a company or person you do business with. It could come in the form of an email from your CEO.
A Phishing or Spear Phishing Email:
- Is the one that you didn’t initiate.
- May contain strange URLs and email addresses.
- Often uses improper grammar and misspellings.
- Typically contains attachments that you don’t recognize as legitimate.
- Contains a link or email address that you don’t recognize.
- May use language that is urgent or threatening.
Phishing and Spear Phishing are popular among cybercriminals because they usually succeed.
10 messages have a better than:
- 90% chance of getting a click.
- 8% chance of users clicking on an attachment.
- 8% chance users will fill out a web form.
- 18% chance that users will click a malicious link in an email.
Even high-level executives get spoofed and share usernames and passwords.
The average cost of a Phishing Scam is $1.6 million. It’s a top security concern for businesses today:
- 1 in 3 companies are affected.
- 30% of Phishing emails get opened.
- Phishing is now the #1 vehicle for ransomware and other forms of malware.
Prevent being a victim of phishing or spear phishing. Here are 8 important things to remember:
- Think before you click a link. Don’t click on links from random emails or text messages. Hover your mouse arrow over a link to see who sent it. Most phishing emails begin with “Dear Customer” so watch out for these. Verify the website’s phone number before placing any calls. Remember, the secure website always starts with “https.”
- Never divulge personal information requested by email, such as your name or credit card number. Typically, phishing emails will direct you to a web page to enter your financial or personal information. When in doubt, visit the main website of the company in the email, and give them a call. And, never send sensitive information in an email to anyone. (A secure website always starts with “https”.)
- Consider installing an anti-phishing toolbar and security tools. Some Internet browsers offer free, anti-phishing toolbars that can run quick checks on the sites you visit. If a malicious site shows up, the toolbar will alert you. Be sure to ask ComTech about updated computer security tools, such as anti-virus software, spyware, and firewalls. They will drastically reduce the chances of hackers and phishers infiltrating your computer or your network.
- Never download files from suspicious emails or websites. Double check the website URL for legitimacy by typing the actual address into your Web browser. Check the site’s security certificate. Also, beware of pop-ups as they may be phishing attempts. Your browser settings allow you to block pop-ups, where you can allow them on a case-by-case basis. If one gets through, don’t click on the “cancel” button as this is a ploy to lead you to a phishing site. Click the small “x” in the upper corner of the window, instead.
- Get into the habit of changing your passwords often. You can also use a password manager like Dashlane or Last Pass that will automatically insert new, hard-to-crack passwords for you.
- Regularly check your online bank and credit card accounts. To prevent bank phishing and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check every entry carefully to ensure no fraudulent transactions have been made without your knowledge.
- Update your browsers to the latest version. Security patches are released in response to the vulnerabilities that phishers and hackers exploit. Don’t ignore messages to update your browsers, and download the updates as soon as they’re available.
ComTech has been a trusted partner with dozens of organizations such as yours in Central Texas.
Trained expert team at your side:
ActiveCare™ server monitoring and management teams have developed an extensive knowledge base over the years as we manage many infrastructures around the state.
- 24x7 services:
- The ActiveCare™ team monitors and manages your systems around the clock, 365 days a year.
- Fixed price:
- No surprises at the end of the month; Our fixed pricing means you know exactly how much it’s going to cost you no matter how many issues have been resolved.
- Why waste money investing in software you never use or that is hard to manage? Whether you add a client, retire a server, or close down an office you are only charged for what you’ve used during the agent installation.