Your Nashville IT Consulting Company Should Help Protect You From Spear-Phishing
In comparing September 2018 with September 2019, Microsoft researchers have seen spear-phishing attacks double. What was a rate of 0.31% in 2018 has grown to 0.62% in 2019.
These types of attacks are much more dangerous than usual phishing scams – do you understand why? User awareness is a key part of cybersecurity, which is why your Nashville IT consulting company should be making sure you know how to spot a phishing email.
What Makes Spear-Phishing Different?
Conventional phishing is a method in which cybercriminals send fraudulent emails that appear to be from reputable sources in order to get recipients to reveal sensitive information and/or execute significant financial transfers.
Whereas a lot of phishing attempts are sent out via mass email, spear-phishing is the opposite. Instead of casting a wide net, the cybercriminal picks a single, high-value target. They do their research so that the email has the recipient’s name, position, company and other details correct. It may even appear to be signed by a real coworker or superior.
However legitimate it seems, again, it can only be so accurate. At the end of the day, the cybercriminal is still just looking to infect the target with malware or trick them into giving away vital information.
3 Ways To Tell That It’s A Phishing Email
Share these tips with your employees to ensure they know how to spot a spear-phishing attempt:
- It’s Poorly Written
Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
- It’s Makes A High Value Request
If the email is asking for sensitive information, like your passwords, baking info, Social Security number or something else, you need to be careful. Phishers may also try to trick you into executing a high value money transfers, or something else of a financial nature.
- It’s An “Emergency”
If the subject line makes it sound like an emergency — “Your account has been suspended”, or “You’re being hacked” — that’s another red flag. It’s in the scammer’s interest to make you panic and move quickly, which might lead to you overlooking other indicators that it’s a phishing email.
Unfortunately, many users aren’t skeptical enough to spot a scam. In fact, more than half of all Americans say they’ve been the victim of a scam. That’s why your Nashville IT consulting company needs to help you learn how to spot phishing emails.
At the end of the day, there is no perfect technological solution that will save you from phishing. It all comes down to you (and the other users at your business), and how capable you are at spotting a scam when it comes into your inbox.
Like this article? Check out the following blogs to learn more:
The Need for Cybersecurity Expertise at the Board Level for Banking
The new Health Industry Cybersecurity Practices (HICP)
NIST’s Small Business Cybersecurity Corner
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.