Identify a phishing scamPhishing is a type of cyber-attack/scam where an attempt to obtain personal information is made by posing as a legitimate company, typically via email, to gain your trust. Companies such as AOL, Sony, and Target have all fallen victim to phishing scams. Cyber scams are constantly evolving, so how do you identify a phishing scam?

How to Identify a Phishing Scam – 5 Ways

While some phishing scams can be quite obvious and rather hilarious, don’t be caught off guard. Here are some tips you and your employees can use to help identify a phishing scam:

  • The email address or links don’t match the domain name of the company’s legitimate website. – For example, accountservices@citibanking.com might be posing as accountservices@citibank.com .
  • Grammar, typos, misspellings and unprofessionalism. – This is probably the most common way people can easily identify a phishing scam.
  • “Dear Customer…” – Lack of personalization. If they aren’t providing you with the last four of your account, your first and last name, or some piece of information related to your account, it’s likely phishing.
  • Urgent call-to-action. – Scammers purposefully create a sense of urgency so that you act before you think. Don’t fall for it; if something is that urgent, you’ll receive a phone call from your banking institution or company.
  • Unexpected attachments or package tracking links. – If you aren’t expecting it, don’t click on it or open it. If you’re unsure, ask your supervisor or IT department.

Oops… I clicked on it.

It’s not always easy to identify a phishing scam. Scammers have gotten pretty good at casting legitimate-looking bait that looks pretty convincing. You might have been taken off-guard one day and accidentally clicked on a phishing link, or accidentally provided your account information. If this happens, you must act quickly by doing the following:

  • Log into your accounts and change your passwords. Always access your accounts by typing the website into the browser. Avoid clicking on account login links sent to you via email.
  • Notify banking institutions of the possible breach so they can monitor your accounts.
  • Consider obtaining third-party identity theft protection, which is a good idea to have anyway.

For more information on phishing and network security, contact us at CCSI. We can review your company’s current network security setup to make sure you’re up-to-date and protected.