Malicious emails are on the rise. According to the recent reports from ProofPoint, there was a 85% rise in malicious emails last quarter compared to Q2, along with a 600% rise in phishing attacks using malicious URLs. Compared to 2016, malicious URL attacks have risen a whopping 2200%.
So what can you do to protect yourself from phishing scams? You can follow these tips, which we published a couple years ago, but they still hold true.
Look at the Sender: If you don’t recognize the name or email address of the email sender, hold off on believing it, especially if that person is asking for personal information like your social security or credit card number. Even if the name or email address is somebody you recognize, be wary as it’s trivial to fake that information. Call the person on the phone to verify the information in the email if there is a concern.
Look at the URLs: Scammers cannot easily take over legit banking or private sites, so they generally create sites that look just like the proper site, but load it from a fake site and URL they control that looks very similar to the correct one. Fraudsters sometimes include authentic links in their emails, such as to the genuine privacy policy and terms of service pages for the site they’re mimicking. These authentic links are mixed in with links to a fake web site in order to make the spoof site appear more realistic. So look at the links and if they look weird, check them with a URL scanning tool like ScanURL, which checks Google’s Safe Browsing, PhishTank and WOT all at once.
Look at the Calls to Action: Is there a demand for immediate action? There’s a pretty good chance it’s a scam. Be wary of emails “your account will be closed,” “your account has been compromised,” or “urgent action required.” The scammers are taking advantage of your panic to trick you into providing private information. If something were legitimately urgent, you’d likely receive a phone call, not an email.
Look at the Content: Generic greetings (“Dear Customer” or “Dear Member”), poor spelling and grammar, broken graphics and requests for personally identifying information (social security numbers, passwords, etc…) all could be signs that something isn’t right.
DON’T Look at the Attachments: Whatever you do, don’t look at or open any attachments that you aren’t expecting, especially in emails like this. Attachments are one of the best way to get your system infected with viruses, malware and other nastiness. If you’re not expecting the attachment, delete the message immediately.
Weston offers solutions to help protect from email-borne threats, including WestonBlock, our comprehensive email protection and continuity solution along with OpenDNS Content Filtering to prevent you from going to the page if you do click on it. While no solution is perfect, the tips above — combined with proper anti-virus protection and a good email protection system — can go a long way. Contact us today to learn more.