In today’s evolving cyber threat landscape, Cyber Security awareness is the best way to prevent phishing in your organisation. As cyber attacks become more sophisticated and targeted than ever before, it’s vital that employees recognise common phishing tactics and are armed with the knowledge to spot and prevent phishing attacks with confidence.
Companies may have the strongest security defence systems in place, but it offers little protection if cybercriminals are able to bypass these traditional technological defences and get straight to an employee to trick them into divulging sensitive information.
Over 90% of all successful cyber attacks are a result of information unknowingly provided by employees. As networks become harder to breach, hackers are increasingly targeting what they perceive as the weakest link in a company’s defences – your employees!
Top Tips to Prevent Phishing
According to Intel, 97% of people around the world are unable to identify a sophisticated phishing email. Despite the convincing nature of these emails, there are still some tell-tale signs that may alert us to the presence of a phishing email.
1. A mismatched URL
If you believe that an email could be suspicious, always check the validity of the URL. By hovering your mouse over the link, you should see the full hyperlinked address appear. Despite seeming perfectly legitimate, if the URL does not match the address displayed, it is an indication that the message is fraudulent and could be a phishing email.
2. The email requests personal information
A reputable company will never request your personal information such as an account number, password, or banking details. If you receive an email requesting this information, it is likely to be a phishing email and should immediately be deleted.
3. Poor spelling and grammar
If you spot any spelling mistakes or poor grammar within an email, it is unlikely to have come from an official organisation and could indicate the presence of a phishing email.
4. Sense of urgency
If the email creates a sense of urgency and encourages you to act immediately, this may be a sign of a phishing scam. If you are unsure if the request is legitimate, contact the company directly via their official website or telephone number.
5. Unexpected correspondence
If an offer seems too good to be true, then it usually is! Be wary of emails that inform you that you have won a competition that you did not enter or requests you to click on a link to claim a prize.
Prevent Phishing in your Organisation
- Never click on links or download attachments without confirming the source.
- Double-check the sender’s address to ensure it’s coming from a legitimate source.
- Always double check the webpage’s URL before signing in and never log into sites by following a link in an email. Despite seeming perfectly legitimate, if the URL does not match the address displayed, it is an indication that the message is fraudulent and likely to be a phishing email.
- Always take time to think about a request for your personal information, and whether the request is appropriate. A reputable company will never send out an email to customers asking for personal information such as an account number, password, pin or security questions. See our resources on how to spot a phishing scam.
- Ignore and delete emails with unexpectedly poor grammar and formatting. If you spot any spelling mistakes or poor grammar within an email it is unlikely to have come from an unofficial organisation and could indicate the presence of a phishing email. Learn more about the characteristics of a phishing attack.
- Phishing attack messages that have the highest response rates are often related to time-bound events. Cybercriminals will often use a sense of urgency to encourage recipients to react immediately. If you are unsure if the request is legitimate, contact the company directly via their official website or official telephone number.
- Be cautious of unexpected email messages. Always take a moment to think “am I expecting this type of request?”. If it looks suspicious or too good to be true, then it probably is.
Resources to Prevent Phishing
Although phishing attacks are getting increasingly sophisticated, there are a number of ways you can protect yourself online. Check out these useful resources to learn more about how to prevent phishing in your organisation.
Stay Safe from Phishing
Our award winning MetaPhish platform provides a powerful defence against phishing and ransomware attacks by training employees how to identify and respond appropriately to these threats. It has helped protect organisations across the world from this ongoing threat and provides the first line of defence against phishing attacks.
Get in touch for further information on how MetaLearning can be used to prevent phishing within your organisation.