What Every Small Business
Should Know About Phishing

beware of phishing email scams

Small businesses are under threat from a variety of sources, both internal and external. But phishing is the most pressing. NIST Computer Security Resource Center defines phishing as a technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.

Types of Phishing

Standard Phishing

Standard phishing is the most common type of phishing. These attacks typically involve mass emails sent to large groups of people. 

Spear Phishing

A targeted attack aimed at a specific individual or organization, often involving the use of personal information to make the email seem more credible.

Whale Phishing

Targets high-ranking executives or other individuals who have access to sensitive information. This kind of attack is more sophisticated as the victims are often tech-savvy.

Vhishing

This attack uses phone calls or VoIP (Voice over IP) messages to trick victims into revealing sensitive information.

Phishing Prevention Best Practices

sample phishing email

Watch for overly generic content

Cybercriminals send a large batch of emails. Look for examples like “Dear valued customer.”

Examine the "From:" email address

The first part of the email address may look legitimate, but the last part might be off by a letter or may include a number in the usual domain.

Look for urgency

“You’ve won! Click here to redeem prize,” or “We have your browser history pay now or we are telling your boss.”

Check all links

Hover over the link and see whether the link’s description matches with the one implied in the email.

Look for errors

Notice misspellings, incorrect grammar and odd phrasing. This might be a deliberate attempt to try to bypass spam filters.

Check for secure websites

Any webpage where you enter personal information should have a url with https://. The “s” stands for secure.

Don't click on attachments

Attachments containing viruses might have an intriguing message encouraging you to open them such as “Here is the schedule I promised.”

3 Steps To Protect Your Business

1.

Conduct Regular Security Awareness Training

Keep your employees prepared to deal with any security threats that come your way by keeping them up to date on the latest security landscape and best practices through regular training.

2.

Perform Routine Testing To See Whether The Training Is Effective

It’s critical to consistently evaluate the success of your security training through quizzes, surveys and mock tests.

3.

Deploy Quarantining Solutions That Stop Phishing Attacks

Businesses can protect themselves from the harmful effects of phishing attacks by deploying quarantining solutions that help stop phishing attempts in their tracks.

Pollock Company

Managed Cyber Security services from Pollock Company provide a robust combination of advanced tools for cyber protection in every aspect of your business. 

 Let us show you how we can safeguard your endpoints, your email accounts, your data, your applications, and even your identity! Contact us to get a free cyber security assessment today. 

 

Share Article

Recent Posts

Menu