Gone Phishing: top tips for spotting phishing cybersecurity scams
I've been a little quiet on LinkedIn lately because I've been working on some really chunky projects. One of them is a B2B cybersecurity guide for a tech client, and one of the elements that the guide focuses on is phishing.
📢 As many as 83% of cybersecurity breaches affecting UK businesses in the last year are estimated to be the result of phishing - and the techniques and tools that cybercriminals use to launch these types of attack are only getting more sophisticated and harder to spot.
🎣 Phishing is known as a type of social engineering. This is because it relies on human failures. Typically the attacker masquerades as a legitimate and well-known company - brands like Microsoft, Amazon, UPS and Royal Mail being some of the most-commonly used - in order to get you to click on a link, reply to an email, or make a phone call. You will then be asked for sensitive information like your date of birth, password for verification, or your credit card information. In some cases, clicking on a link will download malware (software designed to cause damage, disruption or steal information) onto your device.
Phishing attempts can come as emails, text messages, WhatsApp messages and even direct messages on social media platforms. You can't avoid them, but you can learn how to spot them. That's part of what I'm writing about in this cybersecurity guide.
Some top tips for identifying a phishing attempt:
Look out for messages...
🚩 with bad spelling/grammar
🚩 from email addresses that don't match the supposed sender
🚩 with unfamiliar greetings or using the wrong name
🚩 where the font looks unusual
🚩 demanding urgent action
🚩 with suspicious-looking attachments
🚩 that seem too good to be true (they nearly always are!)
Hackers are getting smarter, so we need to think smarter too. If you've ever falling for a phishing scam, let me know about it in the comments. And don't be embarrassed, it's much more common than you think!