There are Plenty of Phish in the Sea

By Darren Jacobson

phish·ing/ˈfiSHiNG/ noun: the practice of using fraudulent e-mails and copies of legitimate websites to extract financial data from computer users for purposes of identity theft

Phishing is a term used to describe the illegal attempt to acquire sensitive information such as user names, passwords, and credit card details through the use of fake emails (or instant messages). According to Verizon, 23% of recipients now open phishing messages and 11% click on attachments. To protect sensitive data, businesses must remember that employees are the first line of defense against these sorts of attacks and ongoing training programs are necessary.

That said, Microsoft has identified the following key ways to identify fake emails:

  1. Spelling errors and bad grammar. Since professional companies and organizations have staff to proof read emails and fraudsters do not, most notably the fake emails will have spelling and grammar errors within.
  2. Beware of links in the email. Rest the mouse over the website link (don’t click) to see if the website address appears suspicious.
  3. Threats. You may receive notice of accounts closing without immediate action or warnings that your security will be compromised without a response.
  4. Spoofing popular websites or companies. There may be slight differences in the email address or the company logo, so review carefully.

Once the fake email has been identified, be sure to notify your IT department of the occurrence so they can notify all other staff as you are most likely not the only team member targeted. Remember, you are the first line of defense in this sort of attack; be vigilant.

Ashland Partners provides several services, including Cyber-Security education and training, to assist you with your specific needs in identifying and mitigating risks for investment management firms.  If we can be of service to you, please contact Jason Millard at 1.541.842.8477 or jason@ashlandpartners.com.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s