Phishing scammers are always looking for fresh catches and you don’t want to be lured in by their tactics. Cybercriminals use email to launch phishing attacks and use other social engineering tactics to persuade people, like you and your employees, to gain access to information.
Company emails are a treasure trove of valuable data. They contain personal and confidential messages, sensitive documents, financial transactions, and much more. This is why email security is so important. A successful cyber attack on your email server can lead to data and financial loss, and even identity theft.
Phishing is one of the most common email-based threats. Deceptive emails that appear to be from a trusted source but are designed to trick you into revealing sensitive information or clicking on a malicious link, are sent to your company email. Sometimes, an email comes from a colleague or associate’s hacked account, which makes these attacks even harder to spot. If you have not trained your employees to catch these attacks, your company data could be compromised!
The first line of defence in email security is a strong password
Avoid using easy and guessable passwords like “password123” or “admin” etc. Instead, choose combinations of uppercase and lowercase letters, numbers, and special characters like #, ! or $. Make your password at least 15 characters long.
Enabling multi-factor authentication (MFA) is a must for any company email. MFA adds an extra layer of security, requiring you to enter a code sent to your phone in addition to your password when an attempt is made to log in from an “unknown” machine or device.
A strong password isn’t the only thing you can use to keep your data safe. Learn more about how to strengthen your small business’ cybersecurity to gain peace of mind.
However, not even strong passwords can ward off all cyber-attacks and hacks. Users should remain suspicious of unsolicited requests for personal data as well as emails with suspicious or unfamiliar attachments. Also, be wary of emails requiring you to reset passwords or validate accounts as the requests could be phishing attacks.
In this post, we look at 4 ways you can avoid falling victim to phishing attacks:
1. Verify the sender of the email
Double check the sender’s email address, especially if the message seems suspicious, or give the sender a call if you know them personally. In most cases, they will let you know if they send an email to you, which will stop the threat dead in its tracks.
2. Look for red flags
Beware emails that ask for personal or financial information or ask you to log in to a website that looks like your bank or email provider, but does not have your information pre-populated.
3. Hover your mouse over any links in the suspicious email to preview the address
If it is a malicious link, it will likely send you to a compromised website address or servers designed to steal your data or infect your machine.
4. Don’t download attachments from unknown sources
This is probably the most missed item on this list. People are often curious to know the document, especially if they think it came from someone they know. One click on that attachment and the hacker can potentially be in your machine.
So, where do you start?
Trusted for IT services and IT consulting, Escape Computers helps small businesses across Southwestern Ontario, protect their sensitive email information with phishing and social engineering training. We put spam protection practices in place to stay a step ahead of manipulative hackers. Before you open that next email, contact us and let’s talk IT today.