Phishing emails are a form of fraud. These emails try to get personal information such as usernames, passwords, or credit card numbers. This is done by impersonating a reputable brand or person within an organization. If an employee opens a link that they don't recognize, it can be very harmful to your company. Start protecting your company by adding Microsoft 365 to your business and gaining an advanced level of security and threat protection. It's also recommended to educate employees on how to spot phishing emails to ensure that your business stays safe. Here are two tips on how to spot a phishing email.
Check the Sender's Email Address
There are so many emails that get sent to your inbox on a daily basis. Hackers can create a fake email address and select the display name that it will come from. Any from address that is not compliant with the RFC 5322 will be flagged and handled according to the phishing policy setup in Microsoft 365. When a suspicious email is received here are some things to watch out for:
1) Do you recognize the senders' email address, or it is a random string of letters?
2) You will see that the sender is not someone you work with.
3) There will be links that you are told to click on. The links will be to websites with malicious content, do not click them.
Check for Spelling Mistakes in the Body of the Email and/or in the Send Address
Hackers tend to live in different parts of the world and may not have the strongest writing skills. They rely on online translators to help them write messages, which is great for translating but not necessarily for making text grammatically correct. It's common for a phishing email to have spelling mistakes and be grammatically incorrect, which could be overlooked. If an employee receives a suspicious email, they should ask these two questions to help spot if it's a phishing email or not.
1) Does the message contain grammatical errors an English speaker shouldn't have?
2) Is the email consistent with previous emails I've received from this person?
It's essential for a small business to have security in place to detect these emails before they can cause any harm. Microsoft 365 has an ATP anti-phishing protection to protect your business from any malicious phishing attacks. Microsoft 365 offers a lot of security and advanced threat protection that small businesses should have to run a safe and successful business.