BurgiTech Logo

Surpriiiise!

Are you a HIPAA covered entity?

Hey! You just discovered a perk! For a limited time only, we are giving away free Notice of Privacy Practices posters which are required to be posted on your office wall. Contact us today and mention this "Surprise!" and you'll find out that you will not only get your free NPP but another surprise is waiting for you as well!

You can choose your favorate NPP format:

From the Blog

Cyber Security Awareness Training Series – Part I – Email (Phishing)

Burgi Technologies > All  > Cyber Security Awareness Training Series – Part I – Email (Phishing)

Cyber Security Awareness Training Series – Part I – Email (Phishing)

What Is Phishing?

If someone wanted to catch their own seafood dinner they would set some bait on the hook, cast it into the wide ocean and hope that they could trick a fish into biting what it thinks it’s just something to eat. If someone wants to distribute malware or steal personal information they might send out an email with bait that looks like something worthwhile and then cast it to a wide audience intentionally deceiving people by posing as a legitimate company, service or individual. Criminals typically utilize email to pretend to be a company or service, requesting that you do something usually urgently. They are hoping that you then click the link and fill out the requested information. once they have this information they may be able to use it in the future to steal your identity or access your accounts.

What is Spear phishing?

An even more direct and targeted method is called Spear phishing. Instead of going after many victims for a small reward the criminal goes after an individual or a small number of high-value victims. This method uses information tied to your company or you personally. From research on social media or elsewhere. Email addresses and links look very close to a colleague or business partner and corporate or partner logos are used to look authentic. The goal is typically to get access to a system by gathering your credentials or to install malware on your computer.

So, what should you be looking out for with phishing emails?

Well, first, look at the sender! Is it actually who claims to be? It may say it’s from PayPal but when you look at the domain name (for example billing@paypall.com), the part after the @ symbol, it has nothing to do with PayPal at all. Did you notice the extra “L” in paypall.com?  Another tell is grammatical or spelling errors contained in the email.

cyber security awareness training - phishing

Finally, if you mouse over the login link at the bottom, you’ll notice that it does not say paypal.com. These tells reveal that this email is not from the real PayPal. Usually, the tells are fairly easy to spot when you know what to look for, but sometimes they’re much more subtle, maybe only off by a letter or two or just inverted. The safest practice is to never click on a link in an email but instead to go directly to the site by typing in the URL. Clicking on the link in your favorites or performing the search for the organization. 

Some of the top tips to avoid phishing are:

Check who the email sender really is!

If you have any doubt and the email looks fishy, try to contact the sender by phone or text message and confirm if they sent the email. Do NOT reply to the email!

Check the email for grammar and spelling mistakes.

Double-check the email sender’s address by hovering the mouse over the sender’s name or double-clicking on it to open a pop up that reveals the full address. Look for any suspicious typos or misspellings. Make sure the address is true and complete.

Check the links in the email carefully

Mouse over the link to see where it goes to. If you are ever at all unsure do not click the link! Instead, manually type in the company’s URL in your browser or google the company name.

Contact your IT department

If you have an IT department, contact your IT security team if you’re unsure at all about an email.

Seek expert advice

If getting Phishing emails is becoming a growing problem for you and your business, our team of Cyber Security experts here at Burgi Tech are available to help and provide consultation and solutions to minimize any Cyber Security risk to your business.

Conclusion

If you liked what you read and are interested in finding out more about Network Security Services in Orange County get in touch with us for a free consultation today! Our IT specialists will help you figure out how you can have your network secured and protected in no time at all.

BurgiTech Team