How to Spot and Avoid Phishing Scams

May 18, 2021

Phishing is the most common form of cybercrime and one of the biggest threats to organizations and individuals today. Phishing scams are fraudulent emails designed to trick individuals into divulging sensitive information or to gain access to your company network via malicious links or attachments.

In the past few years, there have been numerous highly damaging data breaches which have impacted many of America's largest companies and their customers. In each one of these cases, millions of sensitive files, including credit card numbers, passwords and other confidential information, were compromised simply by someone clicking on a phishing link.

Moreover, last year’s emergence of COVID-19 caused an uptick in phishing attacks, as cyber criminals preyed on people’s increased reliance on email, texts and social media. Since the start of 2021, researchers observed increased spikes in vaccine-themed phishing campaigns that leveraged the latest news headlines or masqueraded as real government or medical organizations, making these phishing messages even harder to spot.

Beyond taking advantage of the COVID-19 pandemic, phishing emails come in many forms, such as a message impersonating someone you know, an urgent request from your bank, or a fake audit notification from the IRS during tax season. We know these phishing messages can be tricky to avoid, but we have some tips to help you spot phishing.

  • Trust your instincts
    Phishing emails look and feel like the real deal – some are branded, well-written and seem right to the non-discerning eye. But if it feels a bit “off,” or doesn’t seem quite right, then follow your instincts and find a safe way to verify the email.

  • Scrutinize senders
    Check for slight variations in spelling or format in the domain name that you may miss at first glance. If you are unsure or don’t know the sender, verify by reaching out through an alternate method (not by hitting reply).

  • Hover over URLs instead of clicking, and avoid attachments
    If you don’t know the sender, don’t click on the link. PC users can also hover their cursor over the link to get the real URL and verify the sender. The same goes for attachments – if you’re not sure, don’t open it.

  • Don’t share personal info and bypass urgent requests
    Be especially wary if you’re asked to provide any personal information, like your social security number or password, in an email. Most companies will not send you an email asking for such sensitive information. Also be wary if it’s a request demanding urgent action or consequences for not acting – for example, an email warning that your account will be deactivated or a request for immediate payment.

  • Keep work and personal activity separate
    Use your company email exclusively for work-related activities and use only company-issued devices when conducting work. Also avoid sharing your email address on social media sites or using your company email for online shopping.

  • Always verify via phone
    If you receive an email from someone you know who is asking for sensitive or confidential information, call them on the phone and verify the authenticity of the email by confirming they are in fact the one who sent it.
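
The "scrutinize senders" and "hover over URLs" checks above can also be run automatically by a mail filter. The following Python is an added example, not part of the original article; the trusted-domain list, the sample message and all function names are constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser

TRUSTED = {"examplebank.com", "irs.gov"}  # constructed allow-list (assumption)
# Matches text that is a URL or bare domain, capturing the hostname.
URLISH = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:[:/]\S*)?$", re.I)

def host_of(text):
    m = URLISH.match(text.strip())
    return m.group(1).lower() if m else None

def base_domain(host):  # naive last-two-labels; real code should use the Public Suffix List
    return ".".join(host.split(".")[-2:])

def lookalike(domain):
    # Trusted domain that `domain` closely resembles without matching it, else None.
    near = [t for t in sorted(TRUSTED)
            if domain != t and SequenceMatcher(None, domain, t).ratio() >= 0.9]
    return near[0] if near else None

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.href, self.text, self.links = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append((self.href, "".join(self.text)))
            self.href = None

def audit(sender, html):
    findings, dom = [], base_domain(sender.rsplit("@", 1)[-1].lower())
    if hit := lookalike(dom):
        findings.append(("sender_lookalike", dom, hit))
    collector = LinkCollector()
    collector.feed(html)
    for href, text in collector.links:
        target, shown = host_of(href), host_of(text)
        # The "hover" check: the text displays one domain, the link goes to another.
        if target and shown and base_domain(shown) != base_domain(target):
            findings.append(("text_href_mismatch", shown, target))
        if target and (hit := lookalike(base_domain(target))):
            findings.append(("link_lookalike", target, hit))
    return findings
```

Calling `audit("alerts@examp1ebank.com", body)` on an HTML body whose link text reads `www.examplebank.com` but whose `href` points at `login.examp1ebank.com` reports the lookalike sender, the text/link mismatch and the lookalike link target. A similarity threshold like this will miss some lookalikes and flag some legitimate domains, so treat findings as a prompt to verify through another channel.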

For more information about phishing, please visit the Federal Trade Commission (FTC) and search for phishing.
