Phishing emails are fake messages designed to lure people into clicking on dangerous links, sending sensitive information, or transferring money. Clicking on infected links can result in ransomware, data loss, unauthorized access of sensitive or protected data, or financial theft. ‘Phishing’ refers to messages broadcast to a wide audience, such as emails stating that your bank credentials need to be updated, you have underpaid your taxes, or your credit cards are blocked. ‘Spear-Phishing’ messages are personalized messages targeted at individuals, like HR and finance department managers and staff, often from ‘the CEO’ or someone else in authority. These messages ask for sensitive information, such as payroll records, to be sent, or for money to be transferred. Spear-phishing hackers often use information about the sender, that they find on a corporate website or in social media, to gain the recipient’s trust. Electronic tools should be implemented to identify and block phishing emails. However, because hackers are getting more sophisticated and using tools to defeat blocking technologies, the last line of defense is a workforce trained and tested in avoiding phishing scams.
Episode two of Technology Simplified – Tech Talk Everyone Can Understand. In this episode Will Slappey & Jake Demille discussed phishing campaigns: how bad actors convince people to “take the bait”, ways to recognize phishing emails & steps to prevent them ever hitting your inbox.
Be careful which emails you trust! If a suspicious email comes from outside your organization, and sometimes even from inside – take care to review the information and motives of the sender before clicking on any links.
Get caught up on all our Podcast episodes below: