Take time to remind your end users on what to look for in phishing attempts!
Here are a few quick reminders to pass along:
- Phishing attacks can look like legitimate messages and even come from email addressed from inside the organization
- Phishing campaigns can be designed to make users think that action is required for an online account, such as Office365 accounts
- After clicking on the email link, users are taken to a convincing log-in screen
- Once the user enters their sensitive information, the hacker has everything they need
- Corporations, such as Microsoft or Google, will NEVER ask for sensitive account or payment information in an email
- Never open attachments directly from an email message (save them and scan them with an anti-virus application)
- Beware of clicking on links within emails
- If your bank emails you asking for account updates and includes a link to log into your account, go directly to the bank’s website and login as opposed to following the link in the email
- When in doubt, contact your IT Department
Make sure end users know how to contact the IT Department and have contact information posted and easy to find!
Learn how BlueOrange Compliance can help you protect your organization and the people you serve by calling 855.500.6272, or request a free consult.