We are seeing more South African companies falling victim to Ransomware attacks – including small businesses. Most of the time, ransomware is a product of phishing scams where people are tricked into giving away usernames, passwords and other sensitive information. Typically this is via email or SMS.
Everyone need to know how to spot a ‘phish’!
It is what happens after a phishing email lands in an inbox that matters. Phishing messages are only a problem when recipients click on a URL link to a spoof website. Education is just as crucial as robust email security for protecting your data, people and money.
Also, test the vulnerability of your workforce with a phishing simulation test. You can simulate cyber attacks regularly to identify your most at-risk users and learn how susceptible they are to ultra-targeted spear-phishing campaigns. Talk to us to find out how.
If you spot this, it could be a phish:
- Are you being encouraged to act now? Don’t open or respond to messages that insist on immediate action such as “Buy now”, “Reply now”, “Click here now” etc.
- Has the sender greeted you properly? Emails from legitimate senders will typically use your name in the greeting. Look out for generic greetings such as “hello there”, “Good morning sir/madam”, or “Hi”.
- Are you being asked to give up personal information in an email, SMS or online? Don’t do it. No legitimate company will ask for banking details or other sensitive information in this way.
- Does the senders email address look strange? Legitimate companies will have a domain email address. Scrutinise the email address for discrepancies and slight alterations such as an extra letter or number. For example [email protected] instead of [email protected]
- Are there spelling or grammatical errors? You can be certain that messages from legitimate sources will not contain errors.
- Are you being asked to open an attachment? Legitimate companies will usually direct you to visit their website to download documents rather than send them to you in an attachment.
- Is there a link that you are “meant” to click on? Hover your cursor over the link to see where it leads. If the email appears to be from a legitimate company but the hyperlink is an address for unrelated webpage, don’t click on it. If you really want to check the site out, copy the link into your browser and view it that way.
- Does the webpage you’ve been led to have “https” in the URL at the top of the page? The “s” at the end of “http” indicates that the website offers some level of security. If there is no “s”, don’t transact on that site.
Contact us to discuss your requirements.