How to spot a potential phishing email? 

This is not always as easy as it sounds. We hear people say, ” I would never fall for a scam” or “I don’t click on links”. But, it only takes one time to be a victim of a data breach.

                                     In 2019 alone, 65% of U.S. organizations experienced a successful phishing attack (2020 State of the Phish, Proofpoint). 

First things first. Look at the email address as well as the sender. Were you expecting something from the sender? Does the email address match the sender? Example, Magic City Systems will only use ‘@magiccitysytems.com’. A great option to check a company’s domain name is to type the company’s name into a search engine. Companies won’t use public domains such as gmail. 

Some other things to watch for are spelling, both in name domains and the body of the email, grammar, suspicious attachments or links, and if the email causes a sense of urgency. See below slides for more in depth details on these methods.

The email below looks like it came from Amazon. It looks very real to the emails Amazon sends out. Notice even the sender says Amazon.com? This is a great example of how they trick people. Now let’s look at how to spot this next time to avoid a costly breach with this kind of phishing email.

Take a quick second and follow the slides below. (Click on slide to enable full screen.)  

WHAT’S THE WORST THAT COULD HAPPEN?
In 2019 alone, 65% of U.S. organizations experienced a successful phishing attack (2020 State of the Phish, Proofpoint). But, what exactly happens when an organization experiences a phishing attack and how could it impact YOU?