3 Best Practices for Thwarting Phishing Attacks

The Blue Fox Blog
The Blue Fox Blog
3 Best Practices for Thwarting Phishing Attacks

Everyday Blue Fox Group is helping small to mid-sized businesses (SMBs) thwart cyberattacks and protect their organizations from unnecessary downtime by addressing the most common tactic that cybercriminals use to attack modern workplaces; phishing. Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. According to PhishMe research, “91% of the time, phishing emails are behind successful cyber attacks.” Here are 3 tell-tale signs behind the majority of successful phishing attacks and how mere employee awareness can eliminate the vast majority of this threat from entering an organization.

3 Ways to Prevent a Phishing Attack from Stealing Your Data  

  1. The first sign to look for is the sender’s name in the “From” field of the email. Cybercriminals often use misspelled email addresses, such as [email protected], for example, in order to deceive the receiver into thinking that the email is coming from a reputable company. At a quick glance, many recipients won’t recognize the typo in the address field and they’ll open the email which opens them up to the bait.  “The overwhelming majority of security breaches caused by phishing are completely avoidable,” stated Mike Lindsley, Owner of Blue Fox Group. “While cybercriminals have grown more sophisticated in their approach, the average attack consists of the same key ingredients: an undereducated employee, effective bait and a temporary lapse in judgment. While we are in the business of securing an organization’s entire network and protecting them from any threats whatsoever, there are some initial steps that will safeguard a company without costing much time, energy or capital expenditure. These measures we’d like to share are extremely easy to implement and are excellent first steps in protecting a company from cybercrime.”
  2. The next step for employees is to hover their mouse over links, instead of clicking them without thinking about it. Lots of hackers use very long links or they hope that the recipient will just click on the link right away instead of previewing the destination by hovering above and making sure that the domains match where they expect to be directed. If the preview link looks suspicious, that’s probably because it isn’t a legitimate offer. We recommend deleting these types of emails.
  3. The final step for employees is to look in the footer. One of the current laws around email marketing requires senders to leave a physical address within the footer of the email. This is often left-out by cybercriminals and is a very easy way to tell if the email is a phishing attempt. Furthermore, there should also be an “Unsubscribe” button at the bottom of the email, which is another step that most hackers ignore.

By simply addressing these three initial steps, SMBs can avoid the vast majority of cyberattacks coming at their business. They are some of the simplest, yet most effective ways of minimizing risk within an organization. According to Blue Fox owner Mike Lindsley, "If all organizations were even this educated about cyberattacks, we would see a dramatic drop in incidents."

Today, more than ever, your data is at risk which means your business is at risk. One ransomware attack could put you out of business. One cyber-attack could cost you your business and the trust and credibility with your clients to safeguard their sensitive information. Blue Fox Defender helps small-to-medium-sized businesses monitor, identify and remediate attacks to keep your most precious asset, your customer data, and your business, safe from outside threats and intruders. 

Want to know how Security Defender™ works at a glance?
Download an Overview