The vast majority of malware attacks begin with phishing emails. These are official-looking emails that entice the user to click on a link and provide information such as a user name and password. Once a hacker has this valuable information, they can perform a wide variety of tasks such as steal sensitive user data, install ransomware software, turn your devices into a remotely-controlled botnet, use your servers for storage of illegal images and data – all very unsavory and very risky for your business.
A properly configured and managed desktop will normally stop these phishing attacks, but as hackers become more organized and even become state-sponsored, they phishing attacks become more sophisticated, realistic, and more difficult to detect, defend, and mitigate if successful.
Proofpoint Email filtering
The best place to stop phishing attacks is before they happen. At 3Nines Technologies we believe in a layered approach to security. For our Point9 Managed Desktop clients, our first layer is to route your inbound mail through our Proofpoint email filtering software. This service scans inbound emails for known spam and phishing attacks and quarantines those emails away from normal email. Your users are sent a notification of a quarantined email. They can review where the email is from and chose to delete it or let it through to their inbox. Unlike “spam” and “clutter” inboxes, Proofpoint never allows the email into your user’s inbox.
Bullphish ID is a training program designed for your company. It sends fake phishing emails to your employees inbox. If they click on the phishing email, they are routed to various training videos and resources, and you are notified of the security breach. The goal is to train employees to detect phishing emails before they can be used to infiltrate and attack your organization.
Bullphish ID is part of our Point9 Managed Desktop Security Stack. When you sign up for this program, we schedule a series of fake phishing emails to send to your organization, and provide you with reports showing the results of the email campaigns.
How to Detect a Phishing Email
Tips for Detecting Phishing Email
- Watch for overly generic content and greetings
Cyber criminals will send a large batch of emails. Look for examples like “Dear Valued Customer.”
- Examine the entire FROM email address
The first part of the email address may be legitimate but the last part might be off by letter or may include a number in the usual domain.
- Look for urgency or demanding actions
“You’ve won! Click here to redeem prize,” or “We have your browser history pay now or we are telling your boss.”
- Carefully check all links
Mouse over the link and see if the links destination matches where the email implies you will be taken.
- Notice misspellings, incorrect grammar, and odd phrasing
This might be a deliberate attempt to bypass spam filters.
- Check for secure websites
any webpage where you enter personal information should have a URL with https://. The “s” stands for secure.
- Don’t click on attachments right away
Emails with viruses attached might have an intriguing message to encourage you to open them such as “Here i the Schedule I promised.”
Contact 3Nines Technologies to stop email phishing
Contact 3Nines Technologies for more information on how we can help eliminate phishing scams using our multi-layered approach to security, and how we can provide backup, disaster recovery and remediation services in case you do fall prey to a well-crafted phishing scam.