Phishing has been a rising issue for quite some time. This form of hacking is done through emails and instant messaging. Hackers will try to convince people that they are an official or from a viable company to get sensitive information. In fact, Phishing has become such a concern that even the government is stepping in.
It’s becoming very pricey for all parties involved. A recent news story talked about how hackers are victimizing Delaware E-Z Pass users by tricking them into logging onto a fake E-Z Pass site. Delaware officials have yet to figure out who’s at the bottom of the attack, and are currently trying to figure out a way to help victims. In 2014, 28.8% of all phishing attempts were attempts to steal data relating to one’s personal finance.
If you’re a business owner, you should follow the following steps to protect yourself against phishing. First, you have to make sure that your company employees know better than to answer a spoofed email and give phishers private information. Next, you also have to make sure that these nasty hackers don’t make the mistake of using your company as a spoof. Here’s how to guard your company against phishing.
- Train your employees to check email addresses. Most phishers use Gmail or AOL email addresses. A real company employee will send out an email using an official company email. So, make sure they look for XYZ@Microsoft.com instead of MICROSOFT.COM@Gmail.com. The vast majority of phishers can get caught by just reading the email address of the sender.
- Have a protocol in place for sending login information or personal information. Neither you nor your employees should disclose personal information via email. If an email tells you or your employee to log in using a specific link, do not click the link. Instead, log onto the site using your standard web address.
- Warn your clients about potential phishing activities. Tell them that your company only uses an official company email address for communications, tell them that you never demand personal information via email, and tell them to forward any emails from strange people claiming to be employees of the company. This gives you a potential chance to catch phishers in the act.
- Use official company email addresses. If you have a web domain, use company emails that deal with the domain name. Differentiate yourself from the phishers out there!
- Look for dead giveaways. Most company emails to clients are proofread before they’re sent out. A phisher might not proofread. If you notice spelling and grammar mistakes from an “official” email, it’s likely a phishing attempt by a non-English speaker.
A good amount of common sense can prevent most phishing attacks – as can a good eye for detail. If you are worried about phishers getting information, talking to an IT professional about your options can be a good way to prevent future damage.