Would You Fall for a Phishing Scam?
Phishing is one of the most popular and efficient ways for cyber criminals to exploit employees and gain access to sensitive data. Why, though, is it so easy for you or your employees to be duped and for human error to unleash a debilitating phishing attack?
Maybe you’ve had sufficient cyber security training and you know what to look for. Want to test your knowledge?
Take a look at the following four emails, decipher which look like a phishing scam, and find the answers below!
Real Deal or Phishing?
Do you have all your answers ready? Here we go.
#1 – PHISHING
If you look closely at the first image, you’ll notice that the body of the email contains some errors. Companies take their communications seriously, and most emails would be checked before being sent – so consider spelling and grammar mistakes a probable tell-tale sign that the message is from an illegitimate source. In addition, Amazon’s real corporate domain is @amazon.com, not @amazonussa.com.us.
#2 – REAL DEAL
This e-mail was sent from @amazon.com. It’s written in official style without mistakes or misprints, and the link takes you to amazon.com.
#3 – PHISHING
This site copies the appearance of American Express Serve precisely, but it has a different URL. In addition, it prompts the user to enter a security answer along with their login and password (which is out of the ordinary), and “bellow” is misspelled.
#4 – PHISHING
If you look at the domain name on the email, you’ll see that it is cgi.com, not ebay.com. This a key indicator that the email is malicious. Any links within the email may lead to malicious websites that prompt you to enter your login details or install malicious code onto your computer.
Always check and study the senders email address and URL’s before you click them. Whenever someone sends you a link via email or social media, or in any platform. If you do click the link, then always double check the URL of the site. Look for a valid SSL certificate (Green Padlock), and double check the domain name for additional words/characters.
If the senders email address does not match the official domain name of the company then delete the email and block the sender. This will ensure you don’t receive any further emails from them in the future.
Phishing attacks are on the rise and becoming more difficult to spot at first glance. To help keep your business safe you should keep staff educated with regular cyber security training, and have your IT company setup or tighten spam filters to reduce the amount of malicious emails your business receives.
If you would like to discuss cyber security training for your staff, or any other IT/cyber security requirements then please get in touch on: 01252 938700 or Email: [email protected]