Today we will look at how to spot phishing in 2021, unpacking some of what makes this year unique.
In the year ahead, we are expecting to see a significant increase in a specific type of phishing, called Spear Phishing. They call it spear phishing because these attacks are highly targeted, and typically include wildly specific information or details about different individuals in an organization.
The reason this is such a threat this year is because of advancements in the ability to automate these kinds of attacks. In the past, it took a lot of time and effort on the hackers’ part to pull something like this off, but now they have programs that can scan social media and company websites to pull together the information they need to be convincing.
Side note: It is best practice to keep the amount of public information about your staff to a minimum on social media and websites. Do not publish email addresses, and also evaluate how necessary it is to publish staff photos and job titles.This may vary by organization.
While the ability to automate spear phishing campaigns will cause a large rise in the number of attacks that will be circulating, it does come with one unexpected upside.The attackers are sacrificing some degree of quality for the sake of quantity. This means they should be easier to spot, despite how much they might know about your boss’s dog. So, let us review 3 of the most important things to look for to detect a phishing email:
Check out the email domain name. Even if the name appears to be from someone familiar, go a step further and check the actual email address the message came from to make sure it checks out. Often there will be clues in the form of subtle misspellings or extra letters and numbers.
Sense of urgency: Phishing emails bait the hook with our emotions to get in the way of our common sense. Be leery of anything that targets a fear/panic response (like warnings of stolen information), tickles your curiosity, or sounds a little too exciting.
Suspicious attachments or links: Phishing emails will always try to get you to go somewhere or do something. That might look like a page asking for login information, or a malicious attachment they want you to download. Always check the URL of any website asking for your credentials. It might appear to be a Microsoft 365 login page, but the domain name might show something entirely different. Also avoid downloading anything you are not already expecting to receive from someone. If there is any doubt, call the person it appears to be from to ensure that it truly is from them.
WHO IS RUNBIZ?
Run Business Solutions is an IT managed services and website services provider based in Amarillo, TX. We support small to mid-sized businesses both regionally and throughout the country. We pride ourselves on helping businesses leverage technology, not just tolerate it. Runbiz is focused on enthusiastically providing excellent technical strategy, services, and solutions that drive our customers' businesses forward. We are passionate about our mission to empower you to do what you do best.
To learn more about our approach to IT, visit our Managed IT or Co-Managed IT pages. If you are looking to revamp your website to look and perform better, visit our Website Services page for more information.
To speak directly to a member of our team, fill out the consultation form! We would love to learn more about your company, your technology needs, and how we can address the unique challenges you face.