Tech Tips
Phishing Scheme Red Flags
According to Verizon, phishing is the leading way hackers breach your networks and devices. IBM's Cyber Security Intelligence Report cites human error as a major contributing cause of 95% of cybersecurity breaches. Here are the 4 key places to check in the emails you receive to help you keep your information safe.
1. Who is the email from?
The organization or person name offered should match the address that follows it. Emails will not send from a domain with a typo. So your friend will never send messages from an address @gmial.com. Also, companies are very aware of their marketing. Therefore you’re very unlikely to receive a special deal from cupouns@anycompany.com. If you spot a typo anywhere in the sender address, know the sender is likely an imposter phishing for your information.
2. How do they address you?
If you do business with an organization, they will usually use your name as an opener. No one wants to feel like a number, and businesses know this. If a marketing email does not address you by name, it may be a phishing scheme.
3. Does the email contain links?
Make a habit of avoiding links from senders you do not know.
If you think you can trust the email's sender, use your mouse to hover over the included links without clicking on them. When using a computer, the URL where the link will direct you should appear. If the web address is suspicious, it may be a phish--feel free to move on. Similarly, if all the links direct you to the exact same place, make sure they all are claiming to link you to the same place. If the “sign up now” link takes you to the same URL as a blog link, there is a problem.
If you are still unsure whether a link is ok to visit, run it through Cloudflare's URL Scanner. No need to sign in: right click on the link and copy it, then paste the URL in Cloudflare's search box. You’re good to go! The scanner gives more information than you might want. Click over to the Security tab on the scan to see whether the link should lead somewhere safe to click.
4. Is there a footer?
Any business sending you marketing emails should at a minimum contain a physical address for the organization and an unsubscribe button. These are legal requirements. If either is missing, the sender is either breaking the law in their marketing or breaking the law by impersonating the business “sending” the material.
You may want to right click on the Unsubscribe button and run it through Cloudflare's URL scanner (above) before following the link. Bad guys have been known to hide dangerous links there as well.
As always, you’re better safe than sorry. If you suspect a message, do what you can to confirm with the sender another method. Or just assume the email is a phish and delete it before going on about your day.
ABOUT FRONTLINE TECHNOLOGY LLC
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders. With over 20 years' experience serving organizations of all sizes, Frontline understands the unique needs, budgets, and technology challenges of nonprofits.
Technology is often perceived as complicated and expensive. Many nonprofits struggle to implement the technology solutions and security needed to drive their mission forward. Frontline Technology helps nonprofits overcome their technology challenges so they can stay focused on their mission.
For nonprofits of every type and size: We Keep IT Simple
Contact Us
Frontline Technology is one of the only ministry-focused IT companies that is led by pastors and ministry leaders.