IT SECURITY SYDNEY | CYBER SECURITY SYDNEY | PHISHING ATTACK PREVENTION
New phishing scams are being developed all the time. As a result, it is important to stay on top of phishing techniques. After all, the best way to avoid falling prey to a phishing attack, is to understand what to look out for.
What is a Phishing?
Phishing is an attempt to lure an individual into providing sensitive personally identifiable information such as passwords, banking and credit card details. This cyber crime targets individuals via email, phone or text message posing as a legitimate organisation. Unfortunately for those who fall victim, it can result in identity theft as well as financial loss or data loss.
|Example of a Phishing Attack:
You may receive an email from Microsoft claiming there is an issue with your account. The email will ask you to click on a link to fix the issue. The link will open a webpage and ask you to login. However, when you enter your details and click next, nothing will happen. Alternatively, it will redirect you somewhere else. This is a typical phishing scam and you have now provided sensitive information.
A further example below is a fake Microsoft notice. It is almost identical in appearance to an actual notice from Microsoft concerning “Unusual sign-in activity”. The email below requests users to call a phony 1800 number or click on the website link.
Here are some tips on Phishing Attack Prevention:
The backbone of any successful phishing attack is a well-designed spoofed email or spoofed website. As a result it always pays to be vigilant when opening emails and visiting websites.
SIGNS OF EMAIL PHISHING
Name & Email:
- Look at the greeting.
- Does the greeting use your actual name or is it a generic greeting?
- Generic salutations are a red flag.
- Phishing emails can be very impersonal. (This is due to them sending the same email to thousands of other people).
- If the email is directed at you, check the way the sender writes or how they communicate with you. Verify if it has changed from last contact.
- Look at the email header.
- What is the sender’s address?
- Addresses are usually carefully designed to look authentic. However on closer look, you can usually identify inconsistencies.
- If possible, try to compare the sender’s email address to that of a previous message from the same company.
Check the Font & Style:
- Does the font look strange?
- Check for unnecessary large text or if the font style has changed since last email correspondence.
- A lot of phishing attempts have 90’s style formatting such as background colour to links. They are also known to use Times New Roman font in emails.
- Does the link look strange?
- Most, if not all phishing attempts will have a link which will ask you to log into a portal, such as “Google or Microsoft”. This portal is fake and is used to lure you to provide your login credentials. Alternatively, it may link directly to an instant download which can be a crypto locker virus or keylogger. Keylogger notes down all your key presses, saving passwords and other sensitive information.
- A handy tip is if you hover over the link with your mouse, it will show the true website URL. Does it look different from the actual link or look like it directs to a completely different website? If so, it is most likely a phishing website or virus download.
- You can minimise your risk significantly, by never clicking on a link without checking its authenticity. Make it a policy to always type in the URL of the site that you need to access manually. Upon arriving on the site, you will be able to confirm whether or not the message that you received was legitimate.
- Does the link look strange?
- Be cautious with attachments.
- If you have any attachments in an email that are read with less than 100% confidence, you should take extreme caution.
- It is advisable to always call the sender to double check the veracity of the email.
- Did you expect this email?
- If you’re uncertain of an email, do not reply directly to the email, but format a new email. Furthermore, you can also contact the sender to see if they have sent the email. If not, it is most likely a phishing attempt.
- Most companies will not ask for your details over email. However, to be sure please check the company’s policies regarding this.
Ultimately, if you believe you have received a suspicious email, perform a quick Google search of the sender, subject line and some of the contents. This will quickly show you if others have received the same suspicious email.
Responding to Phishing Attacks:
If you think you have opened a malicious link, follow these steps:
- We recommend immediately disconnecting your device from the internet and any network it is linked to. This will reduce the risk of the malware spreading through your system.
- Report the incident immediately.
Overall, if you receive a suspicious email and would like to ascertain its authenticity, call Techstream Solutions today. We can happily assist and assess the email in question.
Phishing Attack Prevention – Internet and Computer Security Services
Techstream Solutions are Sydney IT Service Providers. We are located in the business district of Frenchs Forest on the Northern Beaches. With a dedicated computer support help desk, our highly experience consultants and engineers are readily available to provide IT support assistance. After all, we understand that downtime can be stressful and frustrating. We ensure your workplace environment is running at maximum efficiency. As a result, any IT issues are resolved swiftly by our support team. Furthermore, our experts can attend to all your business computer support requirements. This includes managed IT, cloud services, backup & recovery as well as security. Our IT consultants can manage every aspect of your IT infrastructure projects and upgrades.