How to Identify Phishing Emails and How to Stop Them
Contents
Phishing attacks are serious business and hackers are always finding new and innovative ways to launch them. This pattern of increasing sophistication has allowed them to continue to gain access to critical business information at an alarming rate, all while many are letting wondering how to identify phishing emails.
In fact, the number of phishing attacks around the world rose dramatically in the second quarter of 2019 to top out at 129.9 million. These malicious incursions cost businesses more than $26 billion between 2016 and 2019 — and that number is on the rise.
Companies looking to protect themselves and their data should fully understand the nature of these attacks and what security measures are available to halt them.
What Are Phishing Emails?
Typically, phishing emails look official and are received from a known or trusted entity such as a bank, social media site, or online store. They often contain language designed to trick you into clicking a link or downloading an attachment, such as:
- There’s been suspicious log-ins or activity on your account
- There’s a problem with a payment or with the account itself
- You must confirm personal information
- You must click a link to make a payment
- You’re eligible for cash back or a refund
- You’ve got a coupon to use for free goods or services
- There is a (fake) invoice attached
However, if you look closer at the email you may notice that it’s poorly written, the web or email addresses are misspelled or otherwise seem suspicious, the subject message is written to encourage fear, or there is a suspicious attachment.
How to Identify Phishing Emails
Tactics are always evolving, but there are some common elements that can help you and your employees identify malicious emails designed to extract sensitive information. Here are a few red flags to look out for.
Mismatched Names
Mismatched names are the biggest telltale signs of known phishing scams. Often, this is the case when an attacker is trying to impersonate a large, reputable company. Although the From field in your email client may seem correct, the actual email address may not correspond exactly to the company in question.
For instance, there is a real difference between, “FedEx.com” and “Fed-Ex.com”, the hyphenated URL is part of a known phishing scam email address. Also, if an email message from a trusted third-party does not use your name in its opening, that could be a red flag.
Unfortunately, it is extremely easy to forge an email address. Mismatched names represent the bottom line when it comes to creating a convincing phishing scam, so employees have to be on the lookout for other factors.
Urgent Action Required
Since cybercriminals can forge email addresses, a common tactic involves impersonating an authority figure and urgently requesting sensitive information. Most entry-level accountants would be intimidated by an urgent email from the CFO requesting every employee’s tax forms – but this is exactly what cybercriminals want.
Your corporate cybersecurity policy should provide for verification of urgent action emails – or simply require that urgent actions be communicated by more secure means. Any situation that threatens some sort of damage or punishment for not acting right now probably shouldn’t be communicated via email.
One way to counteract this approach is empowering employees to verify emails with supervisors, managers, and executives by phone.
Occasionally annoying the CEO is far preferable to accidentally allowing a high-profile data breach that costs millions of dollars and generates widespread public distrust in the company, and possibly shutter it in six months.
Embedded Links
Yes, most emails contain embedded links – they make it very easy to access websites and data referred to in the email body. But cybersecurity-conscious employees should not rely on embedded links when accessing URLs they can type into their own browser and save as bookmarks.
Not only can cybercriminals forge email addresses, but they can forge domain names too. Most people are not familiar with DNS naming structure and will fall for a link that looks legitimate.
For example, “info.LegitDomain.com” refers to the Information page of a legitimate domain. A cybercriminal may forge an email directing victims to “LegitDomain.MaliciousDomain.com,” relying on the fact that most people will see the legitimate domain and think they are safe.
Cybercriminals using an IDN homograph attack can even forge a domain that looks exactly like the domain they are impersonating using international character symbols. No human eye could tell the difference. This is why teaching employees to rely on their URL bookmarks is good cybersecurity practice.
How to Safeguard Your Organization from Phishing Emails
Dealing with phishing and cyberattacks are a part of doing business in this new century, so businesses need to take appropriate measures to protect themselves, their employees, their customers and — most importantly — their data.
Empower Employees with Education to Identify and Stop
Keeping your staff apprised of new threats and ensuring they understand the importance of best cybersecurity practices.
The U.S. Department of Homeland Security has a Cyberawareness Division that posts updated educational material, but your business should craft cybersecurity awareness training that deals with specifics, such as:
- Misleading email addresses
- Subject lines with threatening or enticing verbiage
- Suspicious links or attachments
It’s also important that employees follow a set protocol once they’ve determined an email is part of a phishing scam.
Use Two-Factor Authentication to Stop Phishing Emails
Two-factor authentication (2FA) is a way of adding another step to the typical log-in procedure to increase security and prevent unauthorized access.
Using 2FA means to hack in, cybercriminals must gain access to tokens placed on the device by the authentication mechanism or gain access to a physical component of login, like a securID fob.
However, employees must be careful not to inadvertently allow hackers to bypass 2FA by responding to an “account recovery” email.
Avoid Removable Media
There are many types of removable media such as USB drives, smartphones, SD cards, and optical and legacy media. With the exception of smartphones, these devices are largely used for storage and file transfer.
However, if not properly managed, they are a vector for malware since malicious software is easily spreadable via removable media.
Protect Your Infrastructure
Of course, getting help is the best way to know how to identify phishing emails and how to stop them. Businesses should focus significant efforts on providing appropriate cybersecurity protections to their hardware and software.
This is accomplished, in part, by a strong firewall and by keeping all software and hardware components up to date with the latest security patches and software releases.
Additionally, a protective antivirus software should be installed and maintained, and data should be backed up in redundant locations, so it is easily recovered in the case of disaster, theft, or loss.
Cybersecurity Experts
With more than 40 years of providing businesses with next-level support under our belt, our cybersecurity as a service addresses the challenges facing local businesses, large and small.
Our team of experts taps into this wealth of understanding to more fully understand — and meet — the critical needs of clients. Armed with the latest expertise and technologies, we can help you attain the greatest possible level of protection for your critical data. If you’re wondering how to identify phishing emails or even phone hacking scams, our Cybersecurity experts can help!
If your business is looking for the latest in state-of-the-art protection from cyberattacks and other security breaches, get in touch with one of Kelley Connect consultants today.
