Actively protecting your company from email scams and hackers can save money and time. It’s common for unsuspecting employees to receive malicious emails that look like they’re from reputable sources, which can put sensitive business data in the wrong hands. These emails, known as phishing emails, try to bait recipients into installing malicious software or giving up sensitive information under false pretenses. When employees fall prey to phishing emails, it can result in a company-wide data breach.
Email Safety Rules
Implementing a few simple policies can help avoid a data breach disaster. Below are a few email safety tips that will help employees recognize and avoid phishing emails.
1. Never give out login information
Since no reputable source should ever ask you for usernames or passwords, do not reply to emails asking for credentials. If you click on a link or attachment in an email and a popup appears asking for login information, do not enter any information. Immediately delete the email.
2. Double check links before clicking
Anytime there is a link in an email, hover your mouse over the link without clicking on it. An address will appear that should match the link. If the address that appears does not match the link, the link could be malicious. If you know the sender, contact them outside of email to confirm that the link is legitimate. If you do not know the sender, delete the email.
3. Do not open unexpected attachments
If you receive an unexpected attachment in an email, do not open it, even if the sender is one of your contacts. If you know the sender, contact them outside of email confirm that the attachment is legitimate. If you do not know the sender, delete the email.
4. Notify IT support
If you receive what you believe may be a phishing email, contact your IT support resource to review and mitigate the situation. DO NOT forward the phishing email to anyone. If you are positive that it is a phishing email, immediately delete it and report it to the appropriate resource. If you are not sure if it is a legitimate email or a phishing email, contact the appropriate resource who can view the email in your inbox and instruct you on how to proceed.
To protect the security of your business data, it is vital that your employees recognize and properly handle phishing emails. If you are interested in providing your employees with security awareness training around phishing emails and other cyber threats, please contact an Anders advisor. If you are in need of an IT support resource, Anders also offers a variety of technology services that can be tailored to fit your unique business needs.