Whether you’re an entry level sales associate or a C-suite executive, one thing is true in most businesses: You’re going to deal with a lot of email.
Unfortunately, our dependence on email isn’t just making it more difficult to leave work at the office. A recent survey found that 30% of websites have been affected by email phishing schemes.
Even more surprising, although 54% of website managers surveyed believe they have not been affected by a security liability, experts point out that the most successful attacks typically fly under the radar.
Unsafe emails have evolved from the days when a Nigerian prince would show up in your inbox with a wild story about a lost inheritance. Today, hackers may already know who you’re frequently corresponding with and can show up in your inbox disguised as a trusted client. Sometimes, a phishing email will even appear to come from within your company.
How can you protect yourself, your company, and your clients, without dedicating your days to the latest hacking trends?
Luckily, you don’t have to become a tech wizard to master best practices in security. Here are four simple steps you can take toward greater security and more confidence online:
The most effective email phishing schemes are so subtle you may not even realize you’re corresponding with a hacker. Taking a closer look at the email address to ensure it’s authentic can help you determine that the person on the other end of your emails isn’t a hacker.
Once you know what to look for, scanning email addresses will come naturally. Hackers sometimes add subtle changes, such as a hyphen or a duplicated letter, to trick you into replying. The email address might end in “.com.com” or there might be a random middle initial or number added in.
Taking an extra second to confirm the authenticity of the email address is a fast and easy strategy for avoiding a major phishing crisis.
Hackers frequently look for opportunities to use vacations as an opportunity to leverage an email address for an attack.
Picture this: Your main point of contact at a company has gone on vacation, and his colleague has stepped in to pick up their email while he’s away. You aren’t as familiar with his colleague, so when you receive a routine financial request from a name you don’t recognize--with the same company URL at the end--you don’t think twice before sending it off. Suddenly, a hacker has access to a routing or PIN number they were never meant to see.
If you’re already friendly with a client, be sure to note their absences and request an introduction to a dedicated point of contact who will pick things up in their absence. If you receive a financial or other sensitive request, you may also be able to respond when you know your point of contact has returned.
If you have any lingering doubts about whether an email is authentic, don’t be afraid to pick up the phone and call your client directly for quick confirmation. More often than not, clients will appreciate your attention to detail and commitment to security.
No one wants to think about what could happen if disaster strikes, and hopefully, you’ll never have to deal with a phishing scheme. But just in case something goes wrong, be sure to have a plan for recovery in place.
In a survey of website managers, only 51% backup their files regularly--and despite the growing risks posed by email phishing, only 18% planned to start backing their files up regularly in the future.
Backing up your files regularly or using cloud-based programs such as Google suite or Dropbox will ensure that your files remain accessible even if your computer is wiped out.
If an attack occurs, having recently backed up files is the key to getting back to business as quickly as possible. If your organization has already switched over to cloud-based programs, you may already be a step ahead, ensuring that you can bounce back from as quickly as possible.
With these four steps in mind, you can tackle a full inbox with savvy and confidence that you’re taking precautions against the ever-growing threat posed by email phishing.
--
Michelle Delgado is a Content Developer & Marketer at Clutch, a B2B ratings and reviews firm in the heart of Washington, DC.