Phishing is still the most common initial attack vector. Mass mailed spam is now taking cues from targeted campaigns, improving conversion rates through personalization and the use of seemingly authoritative content.
Scammers are getting better at targeting. Sharpen your defenses today – including your awareness training!
Here are some indicators that can help identify phishing:
- Sender: the name and the email address don’t match. Your colleague is probably not emailing you from someone else’s Gmail account or a Mexican car dealership (unless you are in the car sales business in Mexico)
- The link in the email leads somewhere else than the text of the link. Hover over to see the real url- or press an hold on a touch device. Here’s an example: https://bbc.co.uk
- The logo in the email is hosted on a different domain than the email address of the sender, and it is not a CDN or cloud storage bucket.
Training people to look for these indicators will help reduce damage from the more advanced phishing campaigns!