• Register

Data Net Blog

By accepting you will be accessing a service provided by a third-party external to

Tip of the Week: How to Identify (and Foil) a Phishing Attack

Tip of the Week: How to Identify (and Foil) a Phishing Attack

Phishing has been gaining notoriety in cybersecurity circles, as it has been used quite successfully in a variety of business infiltrations and data breaches. Many of the more well-known cyberattacks of the last few years were enabled by phishing. In order to protect your business’ interests, you and your team need to be able to identify these social engineering attempts. We’ll go over a few ways to do so for this week’s tip.

What Is Phishing, Anyway?

Appropriately enough, phishing is when a cybercriminal pulls a bait-and-switch, posing as someone they aren’t to steal data and/or access credentials. By posing as someone else, someone seen by their target as trustworthy, these attackers lull their target into a complacent sense of security.

There are many different kinds of phishing attacks, which can be split into two main categories. The first, general phishing, makes use of an email that is written to potentially apply to as many people as possible, as a means of maximizing the number of potential victims. The second is known as spear phishing, and focuses on quality over quantity. Rather than a generic message being sent to many people, spear phishing requires in-depth research and insights into a specific target. This has commonly proved effective, especially since these messages typically appear to come from an authority figure.

Phishing attacks can be used to steal credentials, infect a workstation or network with malware, or fool a business user into making false orders on behalf of the business. Naturally, none of this bodes well for the targeted business.

What You Can Do to Recognize a Phishing Attempt

There are many tricks that cybercriminals use to disguise their phishing efforts, which can actually help you to identify them… as long as you know what you’re looking for.

  • The message’s content itself can provide a few clues. Generally speaking, any requests for a user to update or verify their credentials that are accompanied by (a little too) convenient links are most likely trying to get you to click through to a spoofed website where your credentials can be stolen. Are there any spelling and grammar mistakes?

  • The language contained in the email can also be indicative of an issue. Is the email sent to “Customer”, or is it sent to you? This lack of personalization is a sign that this email is likely a generic phishing attempt, as there is no reason for a legitimate business correspondence not to include details like your name.

  • Is it threatening? If the supposed sender is trying to cultivate a sense of fear and urgency, or has even included the threat of serious consequences, ask yourself if that seems like the best way for a legitimate business to communicate with a client, customer, coworker, or contact. On the other side of the coin, is the content of the message too good to be true, like claims that you won the grand prize in a contest that you never entered? This is a strong indicator of a phishing scam.

  • Are certain details within the email just a little bit… off? Are logos and branded banners in the message not quite the right color? Is the account that sent the message a business account, or a Gmail account that any J. Random Hacker could throw together? These are warning signs that something is rotten in the state of Denmark.

  • You also need to closely examine any (little too) convenient links, as referenced above. It is incredibly easy to make a hyperlink appear to say one thing while directing a user to another website entirely. Without clicking, hover your cursor over the link to check the URL. Does it include an unexpected subdomain (a word where ‘www’ usually is), or is it misspelled?

    Are there any additional periods or dashes in the URL before the first forward slash? For instance, 



may look very similar at first glance, but only one will take a user to a legitimate domain.

Phishing is a frustrating issue to deal with, but it’s an even more frustrating thing if it is successful. Reach out to the professionals at Data Net to learn more best practices to avoid phishing attempts - call (760) 466-1200 today!

You Don’t Hear About the Small Businesses That Get...
What Will Cybersecurity (Probably) Look Like in th...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, July 14, 2020

Captcha Image

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Data Efficiency Privacy Communication Malware Hackers IT Support Innovation Smartphones Small Business User Tips Communications Google Cloud Hardware VoIp Email Mobile Device Computer Microsoft Software Workplace Tips Tech Term Managed IT Services Users Android Internet Cybersecurity Business Management Business Outsourced IT Hosted Solutions Collaboration Windows 10 Ransomware Cloud Computing Mobile Devices Backup Social Media Miscellaneous Network IT Services Passwords Upgrade Apps Wi-Fi Smartphone Data recovery Information Browser Saving Money Phishing Data Backup Managed Service Holiday Gadgets Facebook Applications Networking Internet of Things Wireless Windows Bandwidth Microsoft Office VPN BDR Managed IT services Blockchain Patch Management Automation Employer-Employee Relationship Gmail Marketing Access Control Chrome Data Breach Voice over Internet Protocol Conferencing Compliance Router Value Going Green Word Managed IT Service Business Intelligence Mobile Office Quick Tips Save Money Laptop Apple Paperless Office Cortana Remote Work Wireless Charging iPhone Government Remote Computing Healthcare Data Management Processor Net Neutrality Remote Monitoring G Suite Office Virtual Assistant Education Virtualization Data Security Tech Terms Cost Management How To Mobility Virus Retail Bring Your Own Device Office 365 Computers Server Remote Monitoring and Management Data Protection Batteries Covid-19 Telephone System RAM Physical Security Settings Employee-Employer Relationship Medical IT Telephony Windows 7 Twitter Artificial Intelligence Password Excel Business Continuity Connectivity Business Technology Disaster Recovery Scam Payment Cards Company Culture Health Social Network Mobile Security Eliminating Downtime Hard Drive Updates Staff Shadow IT Congratulations GDPR Chrome OS File Management IT Management Managing Stress Lead Generation OneNote Memes Travel Ink instant Messaging Threats Hard Drives Botnet Employees Distribution Server Management Virtual Private Network Maintenance Plug-In Analytics Remote Microsoft Office 365 Operating System Website BYOD Processors Certification Digital Websites Computer Repair WhatsApp Streaming Media Storage eCommerce Current Events Troubleshooting Windows Server 2008 R2 Telecommute IT PowerPoint Vulnerabilities Scams SSD PCI DSS Solid State Drive Fleet Management Customer Relationship Management Licensing Internet Explorer Proactive IT Law Enforcement Telecommuting Recycling Remote Workers News Unified Communications Authentication Wireless Internet User Tip Spyware Display Safety IT Service Downloads Dark Web Sales Online Shopping Human Resources Update Content Filtering Taskbar Data loss Hosted Desktop Live Streaming Sports Reporting Cryptocurrency Project Management Regulations Compliance Hard Disk Drive Multi-Factor Authentication Database Managed Service Provider Tech Support Threat Personal Information Big Data Technology Tips Authorization Network Attached Storage Environment Amazon Training Benchmarks Edge Mobile Trends Error Tablet Managed Services Provider Meetings Remote Support Hybrid Cloud Outlook WannaCry Help Desk National Security HP Spam Firewall User Security Search IT budget Comparison Video Mobile Device Management Cybercrime Co-Managed IT Alert Vulnerability Printing Workers E-Commerce Bitcoin Management Cleaning Microsoft Teams Vendor e-waste Tip of the week Security Cameras Risk Management Dongle Recovery A.I. Electronic Health Records Printer Cables Profitability HIPAA Document Management Antivirus Profiles SaaS Voice over IP Time Management Insurance Inventory Specifications Customer Service Holidays Machine Learning Tactics Humor Paper File Sharing Millennials Payment Backup and Disaster Recovery Remote Working disposal Wearables Virtual Reality Movies Touchscreen Knowledge Battery Printers Regulation WiFi Analysis Thank You Financial

Latest News & Events

Please join us in congratulating Bill Vann on his promotion to Customer Success Manager....

Contact Us

Learn more about what Data Net can do for your business.

Call Us Today
Call us today
(760) 466-1200

5795 Kearny Villa Road
San Diego, California 92123