Cyber Security:  Five Common Phish Attack Schemes

Hackers only need you, that’s right just you. They are sneaky and know the general population is busy and doesn’t pay close attention to the emails they receive. Hackers know people are comfortable in their daily habits. They exploit this behavior by creating email scenarios designed to encourage a click. They need just one person to click just one time to infect their computer with malware that grants them access to the information they need to launch a more sinister attack.

“Phishing attacks are by far the most common cyber attack today, and these attacks continue to get more and more sophisticated.  Gone are the days of the ‘dear sir’ attack-now we have to worry if an email appearing to be directly from a co-worker is actually from them,” said Steven Hines, president of Threat Advice.

Because hackers are continually changing their tactics, clicking on a nefarious email or link leading to a cyber attack can happen to anyone. Recognizing the threat before it turns into a disaster is just one way we each can be more prepared. The following are five ways hackers are currently trying to access your business and personal information:

1. Look but don’t click. If the email address or the attachment name seems “phishy,” it probably is. Are there spelling or grammatical mistakes? Companies with professional staff are not going to make these types of mistakes.
2. Analyze the salutation and signature closely. Most legitimate businesses will use your name rather than a generic greeting like “Dear customer.” The business should provide ways to contact them in the signature. If that’s not provided, it could be a phishing attempt.
3. Know your brands. Hackers will spoof your favorite brands and make their emails look enough like the actual brand to fool you. Is the logo color wrong? Are there additional words in the brand name? Did you sign up to receive emails from them? Don’t click any links before you examine the email to confirm the sender.
4. Urgent or Threating – No one likes a bully. A common phishing technique is to use harassing or threating language in the subject line or email content or to create a sense of urgency to handle a fake problem. Most legitimate banks, utilities/municipalities and businesses will not ask you to provide your private information via email nor threaten you in an email.
5. What grandma said…“If it’s too good to be true, it probably is!” Hackers will continue to send phishing emails promising riches and prosperity if you only send your social security and bank information. Why? Because unfortunately, people still take the bait.

Article contributed by Cobbs Allen. Cobbs Allen is an official Gold Partner with the Medical Association. For more information about cyber liability insurance and how it protects your business, contact Margaret Ann Pyburn.