Phishing Emails – What to Look For

Posted on by Christine Bauerschmidt |

As with every organization, job functions vary by department, but we all share one common responsibility: protecting the private data of our clients, customers, partners, and co-workers.

 SOME COMMON CAUSES OF DATA BREACHES

  • PHISHING ATTACKS/ IMPROPER CONFIGURATIONS

If your network is not setup properly with the correct security configurations, it can easily be infiltrated.

  • UNPATCHED AND OUT-OF-DATE SYSTEMS

Leaving software and firmware outdated invites risk.  Software companies release updates to fix security patches and reduce vulnerabilities.

  • CIRCUMVENTING POLICY

Whether intentionally or accidentally, failure to follow organizational security policies leads to data leaks.

  • WEAK PASSWORD PRACTICES

Attackers who get unauthorized access to accounts can enter your organization to steal info, or launch additional social engineering attacks. That’s why it’s extremely important that you use strong, unique passwords or passphrases for every single account.

What do all of these have in common?  Human error!

Most security breaches are made possible by mistakes that individuals make and not by highly technical attacks.  We remind you of this simply to highlight the role you play as a human firewall.

Only you can prevent data breaches! 

WHAT TO LOOK FOR IN A PHISHING EMAIL

  • The email contains incorrect spelling and bad grammar
  • The email begs you to click on a link or download a random attachment.
  • The email features a sense of urgency or threatening language.
  • The email comes from your boss…

Wait, what? 

An email from your boss could be a phishing attack? That’s right! Not every phishing attack comes full of obvious red flags. Some utilize compromised or spoofed email accounts of executives to send requests for money or sensitive data to other employees. Known as CEO Fraud or BEC (business email compromise) this scam is common, dangerous, and gives you even more reasons to remain skeptical at all times.

Article:  Security Awareness Newsletter 4/2019

CSI Protect Training can train your employees on what NOT to click on!!

CSI Technical Corporation | 7801 E. Bush Lake Road, Suite 125 |
Bloomington, MN  55439 |952-927-1788
www.csitechcorp.com