How to avoid being hacked by new phishing techniques
As our reach within the world expands the world gets a little smaller. Unfortunately, this has allowed some of the nefarious individuals out there to get closer to us than ever. Everyday these bad actors are constantly trying to break into your home, your company, your finances, and anything else they can lay their hands on. If successful these bad actors can end up costing you or your company thousands of dollars in lost revenue, fines, and even ransomware payments. The IT and security industry is constantly trying to mitigate this risk before it ever hits your email box. Unfortunately, many times there is a lag between when these email are discovered, and when definitions are made to remove these emails. This is the time you are most vulnerable.
Ransomware is costing the business industry more than $75 Billion Dollars a year.
Following these simple rules can make sure you're not taken advantage of.
1. Don't open emails with strange subjects. Always be diligent when opening emails. One of the tactics that bad actors have been using for years is of course deception. If you receive a strange email from someone you don't know with an offer that's too good to be true it probably is. The email below is for an "investment opportunity". Obviously if you receive something of this nature it should always be a red flag. In the example below notice the strange email address. This is a red flag. Then notice the 0 in collaboration. This is a tactic the spammers will use to try and fool spam filters. Delete any email like this immediately.
2. Don't open any email attachments from someone your not expecting them from. If your Aunt Sally who doesn't ever send attachments in her email suddenly sends you one, then that email should be suspect. Pick up the phone and ask Aunt Sally if she sent you an email attachment. One might ask, well can't I just send an email back asking if the email was safe? NO. If Aunt Sally's email was compromised then they can easily just send you a fraudulent response. (Yes this happens)
3. Don't click or open anything from an email not specifically addressed to you. Notice how in the email below it's a phone number and not my email address in the to: box. This means that it was not only sent to me but also to someone's cell phone. This is also a clear indicator that this email is fraudulent and should be deleted immediately.
4. Don't click on a link in an email until you know it is from a legitimate sender and has a legitimate destination. (more advanced) This can be accomplished in many ways:
First check with the sender by phone or text and ask if they sent the email.
Second determine if the link goes a legitimate and reputable site. This is a bit harder to determine but here's how you do it. If you get an email with a link in it (Link would be a button or a line you can click on) and it points to something other than where it appears to be coming from or if the link information doesn't match up to the description, delete the email immediately. **To determine the link location without getting infected just put your mouse over the text BUT DON'T CLICK** It is very important you don't actually click on the link. The below is an example of a fraudulent link from the email I received that would likely infect my computer.
The only other link in the email goes to an entirely different URL. This means that it is almost certainly fraudulent.
5. Make sure you have up to date anti-virus software installed on your computer and network. This is unfortunately no guarantee that your computer won't get infected, however every little bit helps.
6. If you get an email from someone you DO know but the email address doesn't match up. An example of this would be you receive an email from a trusted source but the email address doesn't match what you expect. For example, if I get an email from my buddy John Doe but the email address is firstname.lastname@example.org you know that the email is NOT legit and should be deleted.
7. Phone safety: If you get a strange text on your phone that contains a link the same rules above apply. DO NOT CLICK IT.
Don't a victim. If your not sure how secure your company is or need advice on how to secure your company, call the exerts at EvolutionIT today for a free evaluation.
These tips are just guidelines and as with most things they may need to be updated or adapted as the bad actors tactics evolve. However, if you follow most of these rules you, your company and your family will always be safer.
EvolutionIT provides network consulting and state-of-the-art managed IT services to the commercial and public sector. We would love to be your technology provider. Give us a call today.
Contact Us: Corporate Headquarters
230 South 500 East #300 Suite B.
Salt Lake City, UT 84111