Not only are phishing scams incredibly common, they're also getting more believable and effective as time goes on. According to one recent study, a massive 76% of all organisations said that they experienced phishing attacks in 2017. Not only that, but the frequency rate of those attacks actually took a massive 65% leap compared to 2016.
When you consider that 95% of ALL attacks on enterprise networks are the result of a successful phishing scam, it's easy to see why this is one problem you need to take very seriously.
To protect yourself against email scams, having the right information is your most powerful ally. To definitively spot a fake email or a phishing scam the moment you see them, there are a few core things to keep in mind.
The Hallmarks of Email Scams: Here's What to Watch out For
While it's true that there is no single template that hackers use when attempting to execute a successful email scam, there are a few core qualities that a lot of these messages share. Any one of these isn't necessarily an indication that something sinister is going on.
The presence of multiple items on this list, however, is an absolute sign that you need to proceed with caution moving forward.
A few of the elements that point to an email scam include (but are not limited to):
- Incomplete, misspelled, or missing words. Emails sent from one professional to another are very unlikely to contain these types of rudimentary language mistakes. Likewise, official correspondence from a major company or brand won't have them, either. Scam emails are usually written by people who are A) working quickly, and who B) probably don't speak the same language you do , so consider many of these types of basic language issues as your number one warning sign.
- The messages usually require immediate action. When it comes to a successful phishing scam, time is absolutely not on the side of a hacker. The longer you have to think about a message, the more likely you are to realise its true nature. Therefore, a lot of these messages are marked "urgent" to try to get you to act as quickly as possible.
- They'll contain suspicious links or will have attached files that you're expected to download. As a matter of fact, never, under any circumstances, click on a link or download a file to your computer that comes from an email message, even if its just 1% suspicious. The consequences are far too severe and you do not want to leave anything to chance.
- They're not personal in nature. If you receive an email that has a curious lack of personalisation, or one that is addressed to your user name rather than your actual name, this is again a warning sign that you're going to want to stop and examine things further before you click or respond to the message.
How to NOT be a Victim of an Email Scam
If you think that a phishing scam email may have landed in your inbox and still aren't quite sure, there are a number of key things that you'll want to do next to confirm your suspicions.
First thing's first: even if you aren't necessarily concerned about things like grammar and spelling, do not, under any circumstances, click on anything. Hover over a link in an email before clicking on it to see its URL and verify that it's actually going where the link text claims it will. You can accomplish the same thing by highlighting the link with your mouse, right-clicking on it and selecting "Copy Link Location." Paste that URL into a text document on your computer for further examination.
Likewise, most phishing scams depend on a hacker's ability to trick you into thinking you're talking to someone you're not. Therefore, always call the sender or company in question and verify that they actually sent the message.
If an email supposedly came from one of your clients, for example, go into your address book and call that client directly. If it came from a local business, visit their website and find the appropriate contact information. This is one of those situations where it truly never hurts to double check.
Finally, if you want to prevent yourself from getting more of these scam emails going forward, here are some things you can do.
- First, block the sender in your address book or forward the message to your IT department and have them do that for you.
- If your email provider offers a "Report as SPAM" feature, now would be the time to use it.
- Do not be afraid to report the message to the local authorities. Many police departments now have cyber crime divisions that specifically help with this kind of thing. Escalating things in this nature is one of the best opportunities you have to prevent these email scams from targeting others too.
Powernet: The Safer Business Choice
Sadly, phishing scams and email attacks are problems that will only get worse as time goes on. Part of the reason they're so popular in the first place is that, by and large, they're just so effective. But if you can't stop yourself from becoming a target, you can prevent your organisation from becoming a victim.
If you'd like to find out more information about how to spot an email scam, or if you'd like to learn more about cybersecurity in general, contact Powernet today.