While phishing attacks may be one of the oldest forms of attacks, they have shown no signs of slowing down.

The growth of phishing attacks in both frequency and sophistication poses a significant threat to organizations of all size. It’s crucial that companies know how to detect some of the most common phishing scams if they are to protect their corporate information. Listed below are 6 things to watch out for in a phishing attack.

1) Do you trust the sender?

Perhaps you may recognize the first and last name of the sender, but it’s very important to continue to proceed with caution, as deception is always the case in a phishing attempt. Be sure to match the first and last name to the email. Even if they match, look but don’t click!

2) Check for spelling errors.

[This is an ergent email! We have importent info on your bank acc. here. ](See what we did there?) Attackers are a lot less concerned with being grammatically correct, than the normal, trusted sender would be. Be on high alert when you discover common English words that are misspelled!

3) Is the sender asking for personal/private information?

Now, this has so many red flags, you’d think we were playing a game of minesweeper! It’s safe to say, all legitimate organizations will never ask for personal details or sensitive information over email. No if, and’s or buts.

4) Don’t fall for urgency! (Ever!)

A lot of phishing attempts will try and fool you by creating a sense of urgency or emergency. [So, and so needs $200 from you today to collect their million-dollar reward that they promise to split with you!] For real!? This has scam written all over it.

5) Be wary of attachments.

The attacker will commonly include an attachment with a juicy title, encouraging you to click, download and open the file. And most often than not, this attachment is not what you think it is. (Unless you think it’s malware, then yes, it is what you think it is!)

6) When in doubt, your SOC will figure it out!

Believe us when we say, your SOC would much rather be bugged with your concerns of an email, than putting the entire organization at risk. Tenfold.

By following this 6-step guide, organizations of all size should be able to identify a phishy email more quickly. However, that doesn’t mean some may slip through the cracks.

Offering security awareness training is the most effective method of keeping your organization safe! It’s more important now, as phishing attempts are constantly adapting to new forms and tricky techniques! Lucky for you, we offer effective security training programs, reach out to get more information here.

Because one significant cybersecurity incident, like a ransomware attack, will cost the organization far more than a managed phishing testing and cybersecurity awareness program.

For more advice on security practices view the links below:

1. 3 Reasons Employees Don’t Care About Security
2. Practical Steps to Protecting Your Online Privacy
3. Security Tips from the Experts

Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how Security Awareness Training can improve your organization’s security, our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.

You can also find us on Twitter, Facebook,  LinkedIn.

Don’t forget to register for our 4th annual Camp Secure Sense here. Camp Secure Sense is geared towards helping Canadian IT Security professionals improve their security practices, and better protect their organization.