John Podesta fell for a phishing attack, which led to the release of a decade’s worth of emails. The hacker posed as Google and alerted Podesta to change his password because of suspicious activity on his account. By clicking on the link within the email, hackers were granted full access to his inbox.
Situations like this happen to businesses of all sizes, and the rate of these cyber attacks is only increasing. People are tricked into giving hackers information because they are not aware of the warning signs to look out for. However, here is a list of seven red flags to look out for.
- 1. “From” Line
The first thing to pay attention to is the address you are receiving the email from. Pay close attention to the sender because the person may appear to be someone you know but in reality, it could be a spoof. Hackers know that people are more likely to trust an email from someone they can recognize, which is why they make the email address appear to be from an existing contact. Let’s look at a quick example of this.
Notice that an “l” is missing from “wellsfargo” in the spoofed email, therefore it appears legitimate but the domain is not accurate.
- 2. “To” Line
Sometimes, the hacker will send an email to many different people. If you do not personally know the other people in the “to” line or you are being cc’d on a strange email, that should be a red flag. This is the second aspect of an email to pay attention to in order to detect email fraud and prevent email hacking.
- 3. Hyperlinks
Always be cautious of clicking on embedded links within an email unless you are sure it is from a trusted source. Before you click on a link, you can hover over it with your mouse to see the destination URL before you click on it. If the URL does not match what the text says, it’s not a good idea to click on the hyperlink.
- 4. Time
Consider the time you receive an email and compare it with the normal time you receive similar emails. Do you generally get an email from the CEO of your company at 2 a.m.? If not, this is an indication of a potentially spoofed email.
The same goes for the specific time of year. Be extra cautious around holiday or tax season, as cybercriminals typically increase phishing attempts when financial information is being shared or online shopping is heightened.
- 5. Attachments
Attachments may seem harmless, but some can contain malicious viruses or another form of malware. So, as a rule of thumb, do not open attachments that you are not expecting. If a sender does not normally send you attachments, this is a sign that it could be a fraudulent email. In addition, if the attachment has a strange file type such as .exe or a duplicate file type such as .xls.xls you should not download or open it.
- 6. Subject
Phishing attempts usually try to trick you with scare tactics or immediate action. If the subject line seems fishy, such as “Need wire transfer now” or “Change password immediately”, validate the source before you take any action. The subject may also be irrelevant or not on topic with the rest of the email content, which can be another red flag.
- 7. Content
The sender may be urging you to update your information or change your password in order to avoid a consequence, which instills fear and prompts action. This is another method to look out for as hackers use this to trick you. In addition, if the grammar or spelling are incorrect and the email seems out of the ordinary, confirm the legitimacy before you click on links or download any files.
So there you have it, seven simple red flags to look out for when examining an email. Never click on links, download files, or transfer money unless you are sure the email is legitimate. We recommend a two-step verification process to establish validity. For example, if you receive an email from your CEO requesting a wire transfer, we recommend you also confirm via phone or in person. This two-step verification process validates the sender through multiple mediums, which helps avoid falling for scams.
It is important for all businesses to take email hacking seriously. Hackers attack corporations and individuals, so understanding social engineering methods is crucial in addition to having proper spam filters and firewalls installed. Lack of employee education is what makes it difficult for MSPs to properly secure an environment. However, you can use these tips to educate employees both within your company as well as the companies you service to reduce the risks of a cyber attack.
IA Staff. (2017, May 15) 7 Red Flags MSPs Should Identify to Reduce Cyber Attacks [Blog Post]. Retrieved from https://industryanalysts.com/51517_continuum/
Why do you need to worry about getting cyber security support? According to recent data, SMBs with less than 250 people, are the target for cyber attackers to camp out on their systems for an average of 51 days. That’s almost 2 months' worth of business data that is...
Copied from our trusted source at Trend Micro Remote and hybrid work environments are here to stay, which means CISOs need to establish an effective security strategy for managing the expanding attack surface. Organizations can no longer afford (quite...
Before you get hung up on the date of this posting, please know that this is NOT an April Fool's joke. cyber security is no laughing matter. Cybercriminals are refining their tactics and cyber attacks are on the rise. Are you prepared? Anyone over the age of 30...
DCNC Inc. Cloud Computing In an increasingly mobile world where workers are finding ways to work remotely in an efficient manner, security and accessibility are two factors of increasing importance. Employees and employers alike need to be able to quickly access files...
The complexity of business technology has increased to the point where most organizations today require somebody in-house with a technical skillset. Whether it's managing IoT technology, hardware maintenance, or specialized software, companies often need to have a...
Why Office 365 Customers Need a Backup Solution Many business owners using Office 365 believe that their data is totally secure. The reality, however, is a different story. Although Microsoft offers many benefits in productivity, efficiency, and collaboration...
Today’s digital age is ripe with people looking to take advantage of weak systems. From Remote Monitoring and Maintenance to Backup and Disaster Recovery, we provide around the clock IT support services to ensure what you want to be kept safe, stays safe!
We all do it, use one set of login credentials everywhere on the web. For work, for shopping, for banking; studies show that individuals reuse login credentials for at least 5 different applications.After all, we all have way too much to remember and the thought of...
Secure Your Business With DCNC Inc.’s Complete Care Package All Colorado area businesses deserve to have their virtual information and data systems protected, during both...
Migrating to O365 has numerous benefits. Read this whole article to learn about the most important ones and then visit DCNC to learn more.
We Are Here To Help!
7100 Broadway #1B
Denver, CO. 80221