We’re reading a TON of articles on common attacks right now. Wire fraud, direct hacks and phishing are all big concerns right now. While we’re all working at home and have been physically separated from most of our teammates, we are at much higher risk of being exposed to an email attack.

We want to recap a couple of things that we’ve frequently talked about in the past to help keep you safe in regards to email.

Here are are some red flags that you may want to pay attention to:

• Call to Action Emails
• An email that asks you to perform a task or provide information
• Urgent Emails
• A message that requires your immediate attention because of an emergency or a bad situation.
• Scare Tactic Emails
• Emails that threaten or blackmail you directly

Here are some helpful tips that can help you detect scams and phishing attempts:

• Slow down and take your time when reading your messages.
• Look at the sender, make sure their name is spelled properly AND the domain (@domain.com) is spelled properly as well.
• Think about what the individual is asking you to do, does it sound normal?
• If the email is urgent and seems like a dire situation, don’t react immediately, think about the request and call/verify.
• Call and verify
• Calling the individual to confirm the requested action or information is normally appreciated and a sure shot way to snuff out any foul play.
• Don’t click on links!
• A lot of scam and phishing emails will have a link to click that looks completely legitimate, once you’re on the site, it will have you enter your credentials to login.
• Instead of clicking the link in the email, Open a web browser and go directly to the site and login.
• Account changes
• Emails regarding account changes, such as change of bank account information should be called and verified with the person requesting the change. This can help prevent ACH fraud and wire fraud.
• Remember that you’re not the only one out there.
• While you’re scanning through your emails and warding off the bad ones that are coming in, keep in mind outside vendors or other employees may not be as keen as you are. If someone else’s email address is compromised inside or outside of the company, remember that calling and confirming is a sure shot way to ensure that the request is valid.
• Contact your IT department
• Get your IT guys involved! Your IT staff would much rather scan an email for accuracy and validity than handle an account takeover or a breach.
• If you’ve detected a scam or phishing email, contact your IT department right away so they can take action against the offending domain.

Hopefully, you’ll find this helpful and informative

As usual, if anyone has any questions at all, they can reach out to us directly.

‍