How to Identify and Avoid Phishing Emails

Nowadays, the most common way for a hacker to gain access to your personal/business information is by using phishing emails. This form of online fraud tricks an individual to share personal or confidential information with a hacker through a corrupt email. The email may contain harmful links or malware designed to trick users into sharing personal information with a hacker.

3 main types of phishing emails:

  1. From a “trusted” contact or it may impersonate someone you know in your email address list
  2. From a bank, a credit card company or social networking websites
  3. From your subscription based applications or an online store

Phishing emails can look legitimate if you don’t know how to identify them.  Most of the phishing emails require you to click a link (re-directs you to a site) or open an attachment within the email.

Examples of phishing emails:

It says the name of the sender as “Charles Bennett” but the highlighted email address says otherwise. It’s a very common phishing email that is really easy to identify.

A popular type of phishing email came from impersonating the “CRA” for a tax refund. It has a link that will re-direct you to a website where you will be asked to fill up and send to them your personal information like SIN, Birthday, etc. This type of phishing technique is not only limited to CRA but can also be for your bank accounts and credit cards.

Another popular type of phishing email, where you get an email asking to update your account information. Again, the moment you click the link it re-directs you to another website so you can login with your credentials. The website itself is not from your provider but a website where it stores and saves your information so that they can hack you. This is not only limited to Netflix but to all other cloud-based subscriptions that you may have.

How to avoid phishing emails

We can help your firm organize its Windows Updates!
  1. Make sure to always check the sender’s email address. Amateur type of phishing emails always has a different email address than your trusted sender or contacts. However, some phishing emails has the same so its best to contact your IT support provider to confirm this for you.
  2. CRA, Banks or apps provider will never send you these types of emails. They will normally contact you through phone and verify with security questions.
  3. Educate yourself or get security training for you and your staff. Due to the increasing and advancing technology, its best to keep yourself up to date on latest technology trends. You will most likely encounter this either in your personal email or corporate email so its best to be ready for it.
  4. Get a superior email spam filter. At Triella, we use Mimecast for our enterprise environment and our clients. Mimecast has a strong spam filter and other security features that can protect your corporate environment from any hacking attacks caused due to phishing emails.  it also includes URL Inspection that will check for known bad URL’s and warn if there is a risk.
  5. Go to a site directly.  If you receive a suspicious email then go to your web browser and log onto the site directly rather than clicking links in the email.  You can then check to see if the request is genuine.
  6. Use a robust, reliable and paid anti-virus software. Make sure to install and run regular scans in your computer. Strong AV’s normally have a spam filter, updated malware signatures and firewall to protect your computer.
  7. Never give out your personal information. Regardless of any websites or pop-up you may encounter. Its best practice, not to give out any kind of information especially when it comes to your financial or personal information.
  8. Be reminded that there’s no single guaranteed way to avoid phishing attacks. It always best to verify with your IT department if there’s anything you are unsure about.

Brian Bundalian is a Client Support Specialist at Triella.  We are a technology consulting company specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium-sized firms. Brian can be reached at 647.426.1004. For additional articles, go to our blog page. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Webroot Reseller.

© 2020 by Triella Corp. All rights reserved. Reproduction with credit is permitted.

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on pinterest
Pinterest
Follow us
Subscribe to our newsletter