- Mismatched URLs: Many times the link shown in the email is different what the actual link. To see the real link, hover over it (or long-press it on a mobile device) first and see if it matches the one shown in the email. If not, it’s may be a phishing attempt.
- Misleading Domain Names: Often, the links in the email will show a domain name that is not related to the subject or is slightly different to make it look real if you’re not paying attention. If it doesn’t look right, it may be a phishing attempt.
- Poor Spelling and Grammar: Many of these emails are sent from foreign countries where they aren’t fully fluent in the English Language. This can be a sign of phishing.
- Asks for Personal Information: If the email asks for personal information such as back account numbers, passwords, security answer questions, etc., it may be phishing. Be careful what information you send over email as it is not secure in most cases.
- You Didn’t Initiate the Action: If you receive a message about something that you didn’t initiate or weren’t aware of, it may be phishing.
- Too Urgent: Many times these emails will ask you to do something with an incredible sense of urgency. That is a good sign of phishing.
- Unrealistic Threats: If an email comes in and says you have to verify your account information or your account will be shut down, that is usually phishing unless you were aware of the situation already. These emails have a tendency to look legitimate, so be very cautious.
- Unknown Attachments: Be very careful with opening attachments. If you aren’t expecting it, don’t open it unless you can verify with the sender. This is the easiest way for malicious software to enter our network.
The majority of malware and ransomware today enters organizations via Email. While we make every effort to shield those emails from you, it will never be foolproof. So you are the last line of defense in trying to keep Chesapeake’s technology resources safe and secure. Think before you click!