As we begin our fourth and final week in October, Cybersecurity Awareness Month, we turn to another key behavior both individuals and businesses should turn their attention to ensure they are giving cybersecurity the time and attention they should. Recognizing and reporting phishing and social engineering.

What is social engineering? It is any attempt to persuade one to do something they should not, at least when comes to cybersecurity. It can be implemented via emails, text messages, voice calls, over social media and even face to face. Email is the primary way people are attacked, but the concepts work for any avenue of communication.

This key behavior is unlike the others as there is no technological tool to help enforce this one. This one is all on your users. If the person sitting in front of that computer or smart phone decides to click on an attachment or enters their credentials on a fraudulent website, they are opening your business up to an attack.

With the rise of artificial intelligence, it is easier for cybercriminals to craft phishing emails with good grammar and spelling.

Here are some tips on how to detect a phishing email:

  • The email has poor grammar, words are misspelled or misused, or random words appear throughout that do not fit.
  • The email has unusual visual spacing of words, sentences, or paragraphs.
  • Unknown sender.
  • Marked URGENT!!!
  • There are links you must follow or documents you must open to resolve the urgent situation.
  • You won a lottery you never entered.
  • THERE’S A LOT OF CAPITALIZED LETTERS IN THE EMAIL, as if they are shouting at you.
  • The email claims your password is expiring but says you can keep your existing password.
  • If the email claims to be from someone you know, but something seems odd.

Stay alert and stay safe!

Read More:

Introduction to Epicor Kinetic User Interface (UI)

Microsoft Azure AI Content Safety is Here

Back to IT News