TechStarters Logo
Blog Home
Phishing Scams: How Businesses are the Real Bait

Phishing Scams: How Businesses are the Real Bait

One phish, two phish…. Clicked phish, data breach. This phrase was recently seen on the monitor at a hospital and it was alarming because a hospital has so many sensitive files. Hospitals contain all your medical records and your sensitive billing information. Well according to Forbes Magazine, one of the most popular phishing scams of 2019 is targeting business’s SaaS information. This includes important business banking records as well as financial reports. 

What is a Phishing Scam?

According to Chicago University, a phishing scam is a legitimate-looking email sent from a reputable-looking place. Sometimes these emails can look like they are legitimate but have a letter or extra number placed in the domain to trick someone into opening the email. Regardless, once this email is opened, there are two ways in which scammers get you or your company’s information. The first way is through an email that asks directly for your information such as a social security number and your address. Make a note that most legitimate places, such as banks, will never ask you for this information. The second way is through a toxic link that can be clicked in the email. This link may take you to a site that closely resembles one that you use. There they will ask for you to “verify” your information.

Phishing Scams in Businesses

Businesses are often a very high target for phishers because of the amount of money and the sensitive information they hold. The biggest targets come from those who use G Suite and Microsoft Office for their email. Never fear though, these systems have hard security measures to ensure that your business email is safe and secure. Another way to ensure this security is to have your email hosted with a partnering IT company such as #TechStarters. #TechStarters is a partner with Microsoft and we take pride in providing secure email for your business.

Another great way to protect your business from phishing is employee computer safety. The importance of training your employees on cybersecurity cannot be stressed enough. Company computers are constantly breached because of employee negligence. Phishing is no exception. Just like the hospital, make your employees aware that there are potential phishing threats targeting companies. Train on proper email practices and if it looks suspicious, it most likely is.

The final wall of defense for these phishing scams is using two-step authentication. Even if your employees fail to recognize a phishing email and give out the email password, two-step authentication will save your information. Two-step authentication will ask you to verify that you are the person using the email.

Things to Remember with Phishing Scams

  1. Phishing scams are not all email based
    • Some phishing scams can be done through text messaging which is called smishing. There is also the possibility of having a phishing scam through fax. Regardless, it is all about getting your private information.
  2. Most phishing email domains are similar to a site you visit
    • Make sure to check the email’s domain for random letters, misspelled words, or numbers. Phishers often use domains similar to recognized companies.
  3. Legit businesses will never ask you for private information over email
    1. Never give out your information to businesses you do not trust, especially if they prompt you through email. Most legit businesses have your information already on file, especially banks. Banks will never ask you to send your information over email.

Hook, Line, and Sink that Phisher….

Regardless of your industry, you may encounter phishing scams. The best thing to do is prepare for the possibility of a scam. You can install two-step authentication and train your employees on the most recent cybersecurity safety protocols. The most important is setting up your business’s email securely, to begin with. #TechStarters is partners with Microsoft and the Nerds are trained to handle the most up-to-date security threats.