Almost two-thirds of U.S. companies suffered a successful phishing attack in 2019. This threat isn’t going away, and it isn’t getting any easier to defend against. The good news is, unlike a bass or trout, you have ways you can protect yourself from phishing.
Phishing Prevention
Everyone knows a phishing email is bad news. So how do you keep them from landing in your inbox? We dug into our phishing tackle box for these key preventative actions to take.
Enable Email Filtering
Most major email providers (including Microsoft) include a built-in filter that analyzes incoming email for red flags. These red flags can indicate a message is spam or phishing. If an email is flagged, it’s automatically moved to a “Junk” or “Spam” folder.
While email filtering won’t stop every single phishing email, it will identify and contain many of them before they even reach your main inbox. Enabling this feature provides another layer of protection around your email.
Use anti-virus software
It scans every file coming to your computer through the internet, helping to prevent malicious attachments from damaging your system. Just be sure to keep it updated. New versions of your AV software are released all the time in response to new scams. Regularly updating it protects you from the latest dangers.
Don’t Overshare Online
A smart rule of thumb is to never share personal or financial information over the internet – whether in an email, on social media, or on a website. A hacker could be watching your online actions and gather enough information to either trick you or impersonate you in order to trick someone else through a phishing email.
In addition, never send emails with sensitive information. And if you need to update your personal information on a website, always go directly to the site in question to do it – don’t trust links in emails that appear to take you to the correct site.
Stay informed
Keep an eye on your favorite tech news site to learn what new phishing ploys are becoming popular. From COVID to politics, phishers often create scams based on headline news.
Update, update, update
Always update your operating system and applications as soon as new security patches are released. Vulnerabilities are an easy “in” for cybercriminals. Phishing attacks often target Windows OS products. So stay on top of updates – especially if you’re still running Windows 7.
Train and Test
At the end of the day, human intelligence is the strongest defense against phishing. Training yourself and your colleagues can help stop even the phishing emails that slip through your other defenses.
A number of companies offer training programs that teach you the fine details of identifying phishing emails. You should also conduct regular phishing tests. These tests send out a fake phishing email and record who opened it and clicked links. It’s an effective way to see how well your company does at spotting scams and if more training is needed.
If you’d like to implement phishing training at your organization, we can recommend some excellent training partners.
What to Do if You Receive a Phishing Email
Despite your best efforts, chances are a phishing email may sneak through here and there. Here’s what you should do when that happens.
Don’t panic. Considering how popular a technique phishing is, it’s bound to happen to you sooner or later. Take a couple of breaths to focus yourself. Then take these steps.
Delete it (without opening it, if possible). If you feel confident the email is a scam before you even open it, better to just delete it.
If you do end up needing to open the email to find out if it’s legitimate, don’t click on anything. Does the email seem, well, phishy? Avoid clicking any links or downloading any attachments.
Block the sender. If your email provider allows it, add the email’s sender to a blocked list.
Report it. Let your IT department know that you received a phishing email. Phishers often send emails to multiple people in a company. Warn your IT team so they can take appropriate action and give everyone else a heads up.
Phishers are always trolling for a catch. But staying alert and proactive can help you avoid getting caught in their nets. We can help you put together a robust, layered security program that stops phishing – and other cyberattacks – in their tracks. Visit our Cybersecurity page to find out more.
Learn More About Phishing
Top 10 Email Phishing Scam Clues
