Many people checking their emails lately might notice a few that appear to be coming from institutions or people they trust. These fake emails ask for money and people are sometimes gullible enough to fall into the trap, allowing their servers to be compromised.
These phishing scams are a serious problem especially during tax season. Though there are many different scams on the internet, there are several different ways to spot fakes.
- The email address: While spoof emails look legitimate, there are normally small mistakes in the email address such as using 1’s instead of I’s. This is the first sign and normally only visible sign that it’s a fake.
- The body of an email: Many phishing emails looks too formal for day to day operations. They typically use greetings and other fancy words to get you to trust them.
- Asking for something valuable: As a general rule, most companies don’t risk sending valuable passwords and data over an email. If the person is asking for banking information, its most likely a scam. One company recently lost 250 W-2’s after their accountant assumed they were talking to their boss in an email.
- Dropboxes: Any prompting to use dropboxes or to open PDF files is just an attack waiting to happen. A fake drop box caused one company’s computer system to be locked down by a cyrptolocker virus that was attached to an email they were expecting.
Phishing is dangerous to just about everyone. You should train your staff to look for any suspicious emails. The best defense is to not open them.