Spear Phishing is on the rise, and many of you don’t even realize it’s happening to you.
It used to be you’d get a random email from a bank you don’t do business with, claiming an account security issue. It’s pretty easy to figure out, But what if you get an email from your company’s HR department with a policy change notification, or vacation policy update. You click on it because it’s your company, or is it?
These days, the bad guys are spear phishing right inside your office. Why? Because they know you won’t even think about opening a company email, and they’re right.
So, how do you sniff out a spear phishing scam? While it’s nearly impossible to give you absolutes, you should know enough to never click on any of the links that are posted in the message.
If the warning, information or request is legit, it will appear on your screen when you manually log into your account, so always open a web browser and type the address yourself.
Look for poor spelling and bad grammar, those are usually signs of a scam.
Finally, check the links. You can sniff out mismatched links by hovering your mouse over the link (DO NOT CLICK ON IT) and checking the status bar at the bottom left corner of the message or web browser to see if it matches. If it doesn’t, you know it’s a scam.