10 Ways To Spot a Phishing Attack and Act Appropriately

Nowadays, most of the data breaches involve a phishing attack. These attacks usually consist of fake emails designed to look like they’re coming from a brand or institution that you trust such as FedEx,  Popular Bank, vendors and even government. The email may look like an invoice, a letter from the boss or upper management, verification of an account or a legitimate looking request.

Cyber criminals want to entice you to click a link or download an attachment, which, in turn, puts malicious files on your computer or still your user name and password. This can enable hackers to steal your identity, breach your network or encrypt the data.

The best way to defend yourself against phishing or spear phishing attacks is to identify fake emails before you click on them.

  • Who is the real sender? Check the name and addresses are spelled correctly in the “to” section.  Hackers will spoof legitimate addresses with slight changes. At a quick glance they look like the real thing. But when you look closely, you can see that a name has been misspelled or the email domain has an extra letter.
  • Check the salutation- Make sure it is addressed to you not “Dear Client” or just Hi or no names. 
  • Double check with the sender–  Even if an email comes from a trusted sender, confirm in person or over the phone before taking the action requested. Spear phishing emails are sophisticated and tailored to you, taking advantage of names that you trust and details about yourself.
  • Check the entire email– Look for any kind of logos, misspelling, bad grammar, missing footer or anything out of ordinary.
  • Does it make sense? If the request seems out of the ordinary or unusually urgent, always double check in person or over the phone with the requester. (And not by replying to the email!)
  • Hover over the link or attachment. Use your mouse, hover over the link to see the full URL link to see where it goes.  If it does not make sense then do not click on it. 
  • Change your email password- If any suspicious email is generated from your account, change your password and enable 2 factor authentication.  Make sure no rules are created to forward or delete any emails.
  • Check your technology- Do you have anti-spam or the latest anti-virus? Do you Advanced Threat Protection ( where the links are opened and tested before they reach to your email)? Keep your computers and antivirus up to date.   
  • Payment verification. Apply two factor authentication. Ask your bank or credit card company to notify you for any kind of payment that is over certain amount or any fund transfer via a phone call.
  • If you are in doubt do without. Delete it the suspicious email by holding down the shift key and pressing the delete key.  This way it is permanently deleted from your inbox. 

Hopefully these tips help guide you in the right direction when it comes to Phishing attacks. For additional questions or assistance, please feel free to give us a call at (818) 501-2281 or email us at info@ceocomputers.com

We serve Los Angeles, CA or any of the surrounding areas such as, Arcadia, CA, Burbank, CA, Chatsworth, CA, Culver City, CA, Downtown LA, Encino, CA, Glendale, CA, Hollywood, CA, Los Angeles, CA, North Hollywood, CA, Pasadena, CA, San Fernando, CA, Santa Monica, CA Sherman Oaks, CA Tarzana, CA Universal City, CA, Van Nuys, CA, West LA, Woodland Hills, CA and more

Posted in IT Blog