The internet is a vast kingdom of links, videos, and websites, with new content being uploaded in seconds from every part of the world. So, it only makes sense that for all the good that can be done with technology, there is just as much of the negative. Our friends at CyberSecurity Hub recently published a great primer on how end users can spot potential phishing scams, and that’s the inspiration behind this blog post. Not only is the information extremely relevant and useful, it’s easily understood by even the novice end user, and we highly recommend giving it a quick read. We’ll even give you a little time to go through it…
Now, you probably noticed that the focus of the article is around educating users and raising awareness on how to spot email phishing attacks. We think awareness is swell. It’s like when your Driver’s Ed teacher taught you about defensive driving (which always sticks), or you watched a video about horrible car accidents because drivers weren’t paying attention to the road (anyone remember Red Asphalt?).
Most of us took this with a grain of salt, however. I mean, what high school kid doesn’t think they’re invincible? The real question that should be asked is, even if we made reckless moves when we were young drivers, do we still do those things today?
Driving a car is a lot like navigating the internet; you’re taught how to use it properly, you’re given the warning signs for dangerous situations; and like cybersecurity, you buy insurance to protect yourself if a serious problem happens. And just like driving a car, you get coverage that branches into many different areas of protection, such as collisions, theft, fires, vandalism, etc.
So now, what’s better for protection? The thump-thump-thump sound your car makes from the rumble strips when you begin to drift out of your lane on the freeway? Or a guard-rail to prevent you from going off the road or into opposing traffic?
Here’s our riff on how we complement the driver’s ed approach to phishing protection that most organizations use with actual guard rails.
3 Ways Users Can Prevent Phishing Attacks
1. Look for Mismatched URLs and Redirects
2. Beware of Messages Conveying Unusual Urgency
3. Think Before Responding to Unauthorized Account-Related Emails
1. Look for Mismatched URLs and Redirects
Phishing attack emails often display links within the body of the fraudulent messages. Sometimes, people may see the address spelled out in the body, then notice the target address is different when they put their cursor over the link before clicking it. In other cases, individuals might get redirected to strange websites after clicking on the links in the email. Both of these scenarios are warning signs that a message is a phishing attempt.
Clearedin locks dangerous emails so that links are rendered unclickable. When a user tries to click a bad link, they will see a pop-up that shows where the URL is actually going, including expanding any shortened URLs and following URL redirects to their ultimate destination.
A common quality of phishing attack emails is that they try to get people to behave haphazardly and not think through their actions. Sometimes, the approach is to tell recipients that they've won prizes and have to act fast to claim them before it's too late. Or, the criminals might warn that people will have their accounts closed down unless they provide information immediately.
Clearedin scans suspicious messages for common words and phrases that are used in phishing attacks. It highlights them and gives the user tooltips that are far more effective in raising awareness of phishing dangers as we discussed in a recent blog about "teachable moments". And of course, the email remains locked so the user can't actually click on any of the links or even reply to the message.
People who orchestrate phishing scams frequently try to lure their victims by mentioning how their accounts showed suspicious activity and got suspended. They continue by saying people need to provide personal information to restore full functionality. The fields for choosing and confirming new passwords appear directly in phishing attack emails.
Clearedin offers email protection services that protects users in multiple ways. Any words related to accounts or passwords, along with a wide variety of common words and phrases used in phishing attacks, are automatically highlighted for the user. In addition, the email is locked so the user is unable to engage with it in any way, including replying to or forwarding it.
When you choose to use an anti-phishing solution, you are taking appropriate safety measures to ensure your computer and any sensitive information remain unharmed. With Cleardin, you are guaranteed quality cybersecurity protection that will act as a perfect line of defense against hackers. Contact a Cleardin representative today to learn more!