fbpx

We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our cookie policy.

MyTek Blog

IT Security Tip of the Week: Five Tricks to Identifying a Phishing Attempt

IT Security Tip of the Week: Five Tricks to Identifying a Phishing Attempt

Despite its whimsical name, phishing is a very serious threat to everyone, especially today’s businesses. This means that you need to be prepared to identify its warning signs and avoid risky situations. Here, Phoenix IT security company MyTek offers a few tips to help you do so - make sure you share them with your employees as well!

Habits to Help You Foil Phishing Attacks

Fortunately, once you and your staff have developed the following habits, the likelihood of a phishing attack fooling one of you diminishes greatly… but not entirely. Attackers are always coming up with clever and new ways to pull the wool over their targets’ eyes, and there’s always the chance that you or one of your team members could miss one of the warning signs.

This is precisely why it is so important to turn the following activities into learned, automatic behaviors.

Check Links Before You Click Them

Links are a wonderfully convenient thing, when you think about it - all you have to do to go to the website you want to visit is click on the right link. However, cybercriminals will put wrong links into their messages (often disguising them) in an attempt to take advantage of this tendency. You need to get into the habit of taking a moment before clicking through any link you see and simply hovering your cursor over it.

This will display the URL the link directs you to, giving you the chance to confirm that the link is legitimate before clicking through and potential risk your IT security.

Know How to Spot Fraudulent Links 

Speaking of whether or not a link is legitimate, there are a few warning signs that hackers are counting on you to miss.

Let’s assume that you receive an email that appears to come from Amazon, offering some really impressive deals on some furnishings that your business could use, or some basic office supplies that always seem to be running low. The important thing is, it is something that definitely interests you… but is it actually coming from Amazon? As we said above, the URL can help you determine whether or not the message is legitimate.

Where in the URL does the last “dot” (as in, “dot-com”) appear? In a legitimate URL, the last dot would be the last one in the domain. 

  • [amazon.com/deals/offers] - As the last dot is the one in “dot-com,” this link should be safe to click through.
  • [amazon.com.deals/offers] - This URL should not be clicked on, as there is an additional dot after the domain.

Check the Sender

Who does the email actually come from? Sure, it might look like any other email from Amazon, or eBay, or PayPal, or whatever the case may be, but a skilled fraudster could have replicated their design with little trouble. What would be more difficult for them to do would be to hide the email address that displays in the header. Pay close attention, as these attackers have had to become really clever with how they disguise their trickery.

Sometimes they’ll omit letters, so the URL still looks close enough to the real one to pass the “quick glance” task. Quickly skim through this list:

  • amazon.com
  • google.com
  • ebay.com
  • payal.com
  • reddit.com
  • visa.com

Did you catch the fake? If you didn’t, look again more carefully. Since our brains are expecting certain letters to be there, we can subconsciously insert them into what we’re reading. 

Similarly, we can still read words that are scrambled up, so long as all the right letters are still there and the first and last ones are in place. In fact, that list could just have easily included the URL for “papyal.com,” or some variation of another URL. Carefully checking each time you open your email will take perhaps a half-second longer, but could prevent a much more time-consuming issue.

Taking the few moments to go through these steps won’t interrupt your day unduly, but will help keep your business safe. For more assistance with your IT security or for a complementary IT security assessment from Phoenix IT security consulting company MyTek reach out to us at 623-312-2440.

Expansion of Remote Work: Do You Have the IT Infra...
Are You On the Lookout for Payment Card Skimmers? ...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, October 23, 2019

Captcha Image

Latest Blog

If you’ve spent any time using a computer, you probably know what a URL is. It is the address of a website. It typically starts with “http//:” or “https://” and directs the Internet browser on where the user would like to surf. Nowadays a t...

Contact Us

Learn more about what MyTek
can do for your business.

623-312-2440

MyTek
7500 North Dobson Rd Suite 100
Scottsdale, Arizona 85256