Check Twice if it’s Phishing Email
On any given day we see hordes of emails getting accumulated in our spam folders, a few looks good, but when you take a closer look, then you will that the emails are not from a reliable source. It may look like a perfect email from your bank, but did you check the URL it redirects to, Yes! It’s a phishing email.
Why do we still get phishing emails daily, maybe because the senders want to get access to your computer or company network and then put you on hold with a ransom? Or maybe trick somebody to send money or other personal information. Nevertheless, we get thousand of emails every day and few of them fall for it.
When your employee gets these many fraudulent emails a day, how do companies ensure the safety of their infrastructure from such malware attack? The best way is to educate your employees about the potential danger of hitting the malware and the links from suspicious email. As the employee to report any suspicious email, and let the IT guys of that particular company do the rest to remove it.
In spite of so many examples where an ignorant employee clicks on a phishing email and end up inviting malware to the system, most companies have not been able to curb such attacks. The lack of will or budget is the main cause that organizations fail to provide such training to their resources. Recently a lesser known start-up company introduced a tool that helps companies identify phishing emails and links for companies that have less than 500 resources.
To counter Phishing attacks, they have a tool which has a template of the website that looks similar to other websites, just make few changes and add a logo. Now send this to the employees with a subject line that reads more likely to be a bait. So when an employee clicks it, he may likely get a message or trigger that it is spam. This kind of test will ensure that employees will be careful next time when he gets a similar email. A periodic test at times will ensure people are aware of the risk, and you are likely to insulate the very source through which a potential threat can be killed.
The idea is all about educating an employee about the dangers of clicking on an unauthorized website. This will put them on high alert, and then a brief about phishing will only make him confident.
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.