This week’s topic is e-mail – scourge of modern civilization or essential business communication tool. Discuss.
The reality is that we are all addicted to e-mail. Most of us have more than one account we use on a regular basis. There’s the one we have at work, our personal account on Gmail and that old one we use to register for things that just collects spam. Oh, and that Yahoo one we forgot about.
Every single one of these accounts is a potential target for a phishing attack. What is phishing? According to phishing.org (yes, that is a thing) phishing is a cybercrime in which a target (you) is contacted by e-mail, phone or text in an attempt to gather sensitive data or information. Usually these attacks are disguised as coming from a reputable source.
For the most part our incoming e-mails should be protected by our service provider, business firewall or anti bad things software. These should weed out the most obvious attacks. However, as is recounted in the news on a regular basis, these cybercriminals are always finding ways around the security functions.
While you do not need to be an expert in the world of hacking there are a few common sense steps you can take to avoid becoming a phishing victim:
Attachments – Rule #1 is to never, ever open an attachment from someone you do not know. This also holds true hyper-links.
Return To Sender – These clever hackers will often disguise themselves as being from, say, Amazon or American Express. Do not automatically assume they are. Check the actual “from” e-mail address (not just the name). Amazon will not send you a request from a Gmail account. That said, the level of sophistication has gotten to the point where some phishers will actually send you an e-mail from what appears to be a real account from someone within your organization. I have gotten these with seemingly innocuous messages that did not make sense in context. Then again, I’m paranoid about this stuff.
Personal information – Reputable companies will not ask you to confirm your personal data or passwords or Social Security Number in an e-mail.
Scary stuff – One trick is to use scare tactics or a sense of urgency to get you to quickly respond. This can actually be quite effective as we are all guilty of multi-tasking and not paying close attention to every detail. If you get an e-mail like this – don’t panic. Slow down and reason it out.
Grammar – Many scammers are not, shall we say, reflexively fluent in the English language. Grammar and syntax are important and reputable firms usually pay attention to that.
As mentioned earlier, phishing is not exclusive to e-mail. There are scammers out there who will also attack via mobile phone calls and texts. Rather than go into excruciating detail on those attacks we have included a link below that will give you better information.
In today’s wild west show that is the Internet it is best to be a little paranoid. If something is too good to be true it likely is false. If you have doubts about an e-mail notify your IT department. Make sure your anti-virus software is up to date.
Be smart. Be vigilant. And, be just a little paranoid because they actually are out to get you.