72% of respondents reported that they checked to see whether messages were legitimate (i.e. phishing or a scam) compared to 15% who reported not doing so. (NCA)
47% of the participants said they used the reporting capability on a platform (e.g. Gmail, Outlook) “very often” or “always”. (NCA)
Every October, we observe Cybersecurity Awareness Month to emphasize the significance of cybersecurity and encourage the use of simple cybersecurity practices. Marking its 20th year, The Cybersecurity and Infrastructure Security Agency (CISA) has launched a lasting cybersecurity awareness initiative named Secure Our World.
The third cybersecurity best practice CISA emphasizes is how to recognize and report phishing emails.
Phishing occurs when criminals try to get you to open harmful links or attachments that could steal personal information or infect devices. Phishing messages or “bait” usually come in the form of an email, text, direct message on social media or phone call. These messages are often designed to look like they come from a trusted person or organization, to get you to respond.
Phishing attacks have become an increasingly common problem for organizations of all sizes and can be very difficult to spot. It’s important every individual stop and think before clicking on a link or opening an attachment and know how to spot red flags.
The good news is you can avoid the phish hook and keep accounts secure!
1. Recognize - Look for these common signs:
Urgent or alarming language.
Requests to send personal or financial information.
Unexpected attachments.
Poor writing, misspellings, or unusual language.
Incorrect email addresses, domain names, or links (e.g. amazan.com)
2. Report - If you suspect phishing, report the phish to protect yourself and others.
Know your organization’s guidance for reporting phishing. If your organization offers it, you may find options to report via the “report spam” button in your email toolbar or settings.
For personal email accounts, you may be able to report spam or phishing to your email provider by right-clicking on the message.
3. Delete - Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link. Just delete.
If a message looks suspicious, it’s probably phishing.
But even if there’s a possibility it could be real, don’t click any link, open the attachment, or call any number. Look up another way to contact a company or person directly:
Avoiding phishing is one way to Secure Our World.
Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:
Questions about your IT or Cybersecurity? Give us a call today!