According to a 2019 Data Breach Investigation Report, 94% of the malware received by organizations comes from email through phishing and other methods of email exploitation. So, what is phishing?
Phishing is an attempt by attackers to obtain personal or company information that can be used for malicious purposes such as getting access to accounts or opening a new credit card or bank loan. Using artificial intelligence, attackers are able to craft sophisticated emails that make the phishing attempts appear valid and from a credible source. It is becoming increasingly harder to detect such emails making it important to be aware of phishing red flags and practice safe habits to avoid being lured into a phishing attempt.
Phishing Red Flags:
- Unsolicited email messages;
- Emails with links or attachments from unknown senders;
- Emails with instructions to call a phone number to update account information;
- Email links requesting personal information.
Safe Email Security Practices:
- Do not click links, download files, or open attachments from unknown senders.
- Verify contact information in messages that appear to be from known senders to ensure the email is valid.
- Check link URLs to ensure the link address is a valid site before clicking any emails links, even from known senders.
- Never email personal or financial information.
- Never enter personal information in a pop-up screen.
- Protect your computer with a firewall, spam filters, anti-virus software and anti-spyware software.
Phishing schemes often also involve attempts to obtain personal or company information over the phone that can be used to craft emails that appear valid. Never feel pressured to divulge personal or company information via phone or email without verifying the validity of the request.
Click here to view the National Cyber Security Awareness Month information sheet on phishing for more information.