Guardians of the Inbox: How to Recognize and Report Phishing

72% of respondents reported that they checked to see whether messages were legitimate (i.e. phishing or a scam) compared to 15% who reported not doing so. (NCA)

47% of the participants said they used the reporting capability on a platform (e.g. Gmail, Outlook) “very often” or “always”. (NCA)

October is Cybersecurity Awareness Month

Every October, we observe Cybersecurity Awareness Month to emphasize the significance of cybersecurity and encourage the use of simple cybersecurity practices. Marking its 20th year, The Cybersecurity and Infrastructure Security Agency (CISA) has launched a lasting cybersecurity awareness initiative named Secure Our World.

The third cybersecurity best practice CISA emphasizes is how to recognize and report phishing emails.

Recognize and Report Phishing

Phishing occurs when criminals try to get you to open harmful links or attachments that could steal personal information or infect devices. Phishing messages or “bait” usually come in the form of an email, text, direct message on social media or phone call. These messages are often designed to look like they come from a trusted person or organization, to get you to respond.

Phishing attacks have become an increasingly common problem for organizations of all sizes and can be very difficult to spot. It’s important every individual stop and think before clicking on a link or opening an attachment and know how to spot red flags.

The good news is you can avoid the phish hook and keep accounts secure!

Avoid Phishing Scams with Three Simple Tips

1. Recognize - Look for these common signs:

• Urgent or alarming language.

• Requests to send personal or financial information.

• Unexpected attachments.

• Poor writing, misspellings, or unusual language.

• Incorrect email addresses, domain names, or links (e.g. amazan.com)

2. Report - If you suspect phishing, report the phish to protect yourself and others.

• Know your organization’s guidance for reporting phishing. If your organization offers it, you may find options to report via the “report spam” button in your email toolbar or settings.

• For personal email accounts, you may be able to report spam or phishing to your email provider by right-clicking on the message.

3. Delete - Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link. Just delete.

If a message looks suspicious, it’s probably phishing.

But even if there’s a possibility it could be real, don’t click any link, open the attachment, or call any number. Look up another way to contact a company or person directly:

• Go to a company’s website to find their contact information.
• Call the individual at a known number and confirm whether they sent the message.

Avoiding phishing is one way to Secure Our World.

Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:

• Tri-Cities, Washington 509.396.6640
• Yakima, Washington 509.396.6640
• Bend, Oregon 541.848.6072

Questions about your IT or Cybersecurity? Give us a call today!