The single most effective way to protect your business from attack is by catching phishing emails before someone opens them
Phishing emails try to trick your staff into opening the door to cyber criminals. These attacks are very dependent on the email headline. An attractive headline is critical to inducing your staff to open the email and read its content.
Here are some of the email headlines that you should watch out for this year.
Those that try to create a sense of urgency
According to cybersecurity firm Barracuda, who analyzed 360,000 phishing emails, the most common headlines try to get your employees to act right away, before they have time to think.
- “Your Password Has Been Breached, Please Confirm Your New Address”
- “The Deactivation of [Your Email] Has Been Requested”
- “A Delivery Attempt Was Made Here”
- “Our Vacation & Sick Leave Policy Has Been Updated”
When in doubt, have your employees verify any urgent request with an email or phone call.
What to do? Train your employees to take time to analyze any email with an urgent call to action, paying close attention to verifying the email account in the address lines, how names are spelled, and other details.
Free Tip Sheet
Share this tip sheet with your team, or print it and hang in common areas as a reminder of these dangerous phishing attempts.
Beware email headlines that mention expenses or payments
Any headline that mentions the transfer of funds should also be met with great suspicion, as they’re commonly used in phishing attacks. These email headlines could take many forms:
Posing as an Angry Client or Customer
• “Help with Problem in Invoice [XXXXX]”
• “Please Process My Request for a Refund”
Business Email Compromise Attacks
These attacks try to convince a lower-level employee that a decision maker is compelling them to take a certain action, often involving company finances.
• “Have You Remitted Payment to (Company) Yet?”
• “Please Get This Invoice Paid ASAP”
The inverse of a BEC attack is called a whaling attack. It’s when you target senior staff with a personalized message that tricks them into divulging important company information.
• “Do You Have (Employee’s) W-2 Form?”
• “Please Verify This Account Information”
According to Verizon’s Data Breach Investigations Report, 30% of whaling emails get opened by targeted users and 12% of those users click on the link inside.
Complete Network Can Help You Defend Against Phishing Threats
Phishing threats are pervasive and highly effective. If your business has been victim of a phishing attack or feels vulnerable to phishing attacks, it’s time to get serious about security. Complete Network has been helping businesses in Albany, New York and Charlotte, North Carolina mitigate the threat of phishing attack for 20 years.
Our friendly team is always happy to answer your questions and help you get on the right track to strong cybersecurity. Contact us any time at 877.877.1840 or [email protected]