Email phishing is by far the most frequently used method for cyber criminals to impact you personally and hurt your business too. Every day, there’s a new tactic, and some are very sophisticated and hard to recognize, so let’s do a quick refresh on what to look out for and what to do if you are concerned you’ve received something malicious!
Fake Vendor emails:
Dropbox. OneDrive. Wells Fargo. I could go on and on. Criminals design some very convincing emails to get you to click links to install software they leverage to steal information, or to get you to enter your password to these accounts and access your information.
Cloud file share scams: If you receive an email that looks like it’s from Dropbox and someone wants to share a file, it’s always best to login to your Dropbox from a browser rather than by clicking the link to see if there is really something being shared with you. Otherwise, the link is just going to take you to a site that LOOKS like Dropbox to obtain your credentials. If you’re expecting something to be shared, it’s probably safe, but it’s not worth the risk.
Banks asking for passwords: For banking institutions, you should never receive requests to download files to update your password information like in this Wells Fargo sample
- Financial institutions in general with never ask you to provide personal information via email.
- Do not reply to emails that do ask you for personal information.
- If you aren’t sure of it’s authenticity, call the institution and ask!
Check links before you click them! If you receive an email that wants you to click a web link, hover over the link to see if they are truly going where you would expect them to take you! If you aren’t sure if something is safe, reach out to us, and we can help!
These are just some of the things to look out for in suspicious emails, and we’ll keep reminding you of others that we see as they come along!
Here’s the Reader’s Digest version of today’s lesson:
- Don’t click links from cloud vendors unless you are expecting them.
- Login to the cloud account and see if there’s a notification that someone is actually trying to share a file with you.
- Financial institutions will never ask you to provide them credentials via email. Always call if you aren’t sure if an email is legitimate.
- Hover over links in emails to make sure they’re taking you where they look like they are!
An informed team is the most important aspect of preventing your office from falling victim to cyber-criminals. If you have any other questions about email security or would like us to provide your office Security Awareness training, let us know! It only takes about 30 minutes, and it’s definitely worth your time. Call Katie at 312-474-9400 to set it up, or email firstname.lastname@example.org