BotNet News

Phishing is one of the oldest forms of cyber attack and still a popular way for threat actors to steal passwords and compromise corporate data. Attackers spoof email domains and impersonate banks, tech companies and online retailers to trick victims into sharing sensitive information. Once attackers obtain this data, they can access accounts and pilfer bank funds.

Sophisticated attackers use a variety of tools to disguise their malicious intent, including the use of familiar logos and names from trusted brands, as well as leveraging technology to spoof time and location. This is why it’s important to know the warning signs of phishing so you can recognize a message before it’s too late.

A few telltale cues to look for include spelling and grammatical errors, an urgent call to action and threats. Be especially suspicious if a message starts with an unfamiliar greeting or is addressed to “Dear customer,” rather than your name. Also, be wary if you’re cc’d on a message alongside colleagues or other individuals from departments unrelated to your work.

Another common indicator of a phishing attack is a request for personal information, such as an account login or verification code. Legitimate companies will never request this information via unsolicited messages.

Other signs to watch for include messages that contain links that don’t go directly to a website (for example, directing you to an intermediary page that looks like a legitimate site), and attachments that seem out of the ordinary. Using software that can identify phishing attempts and protect your organization against the most sophisticated attacks can help ensure that phishing emails don’t make it to your inboxes.