Skip to main content

Data breaches are a growing problem for businesses of every size in every industry. By now, we’ve all heard about the Colonial Pipeline that was shut down by a ransomware attack.

While this was a targeted cyberattack, many similar attacks begin with a harmless-looking email. Phishing is a form of social engineering in which a criminal will attempt to trick an individual by sending a fake email that appears to be from a legitimate source. The email might ask you to confirm personal information or prompt you to open a link that infects your computer with malware.

Phishing was the most common type of cybercrime in 2020—and phishing incidents nearly doubled in frequency, from 114,702 incidents in 2019, to 241,324 incidents in 2020. – FBI

Phishing emails are one of the most common online threats. Here are five ways to spot a phishing attack.

  1. The email requests personal information – Hackers go to great lengths to ensure their emails imitate the real thing. However, if it includes a request you wouldn’t normally see, for example, asking for an account number or network password; it’s a strong giveaway that it’s malicious.
  2. The web and email addresses don’t “look” right – Phishing emails often come from an address that looks legitimate but is a little “off.” For example, an email from “” as opposed to Malicious links can also be concealed within the body of a suspicious email, right alongside legitimate ones.
  3. It’s poorly written – Often a phishing email can be spotted by the poor language used. Read the email carefully and check for spelling and grammatical mistakes. If you’ve received an unexpected email from a colleague that is riddled with mistakes, it might be a fishing attempt.
  4. It contains a suspicious attachment – If you receive an email from someone out of the blue that contains an attachment, it should be a red flag! If you’re unsure, make it a practice to scan it with antivirus software before you open it.
  5. The email is designed to make you panic – This is a common phishing email tactic. It may claim that your account has been compromised, and you need to click a link to change your password, or that your account will be closed if you don’t act immediately. If it looks suspicious, contact the sender through another means to confirm.

Remember rule one, “When in doubt, throw it out!” Links in emails, social posts, and online ads can often be cybercriminals at work trying to steal your information. Even if you know the source, if it looks suspicious, confirm it, or delete it!

Can your business stand up to these threats? Ask us about an IT assessment for your business. Let us help you keep your data protected.


Leave a Reply