Phishing” is the most common type of cyber attack that affects organizations. Phishing attacks can take many forms, but they all share a common goal – getting you to share sensitive information such as login credentials, credit card information, or bank account details.

What You Can Do:

To avoid these phishing schemes, please observe the following email best practices:

  • Do not click on links or attachments from senders that you do not recognize. Be especially wary of .zip or other compressed or executable file types.
  • Do not provide sensitive personal information (like usernames and passwords) over email.
  • Do not try to open any shared document that you’re not expecting to receive.
  • Watch for email senders that use suspicious or misleading domain names – especially in any cases where the requestor is asking for you to enter any personally identifying, company, or especially, financial information — be extra careful in such a case, and mouseover any links and check the address of the link in the bottom of Outlook.

Here is an example:

Please note how you can mouseover the above link and see where it is actually directing you. When mousing over links in that manner, please check for spelling changes in normal domain names. Inspect URLs carefully to make sure they’re legitimate and not impostor sites. The above example appears to be for microsoft but when you hover over it it is actually going to send you to google. Try it.

If you can’t tell if an email is legitimate or not, please give us a call and we can help you to determine if the email is legitimate or not.

  • Be especially cautious when opening attachments or clicking links if you receive an email containing a warning banner indicating that it originated from an external source, or if the sender name does not match the email address.

Thanks again for helping to keep your network, and your people and data, safe from these cyber threats.