Knowledge is Power - 6 Ways To Protect Yourself Online
It’s clear that executive leaders like yourself are valuable targets in terms of cyber security. Now I know you might be thinking to yourself: “But my IT department has me covered. We have a spam filter and a really good AntiVirus.”
The problem is, while all of that is great and needed, hackers are continually figuring out ways to get around the protections that are put in place. And so, you still need to learn some basic self-protection.
Phishing is defined as: “a form of fraud in which an attacker masquerades as a reputable entity or person in email or other forms of communication.”
And is the easiest and most common way for hackers to infiltrate your business and compromise your digital identity. Being familiar with this primary method by which hackers will attempt to get to you and gain control of your identity, privileges, and authority will enable you to prepare yourself.
Now that we know what that method is, phishing, and we know that’s likely how hackers will come at you, lets answer the BIG question-
How do you - as a non-technical leader, defend yourself?
The answer is:
Learn to Recognize a phishing email.
There are 3 main types of phishing emails that you should be familiar with:
First, we have Generic Email Phishing.
This is what most of us are familiar with and you probably already know how to spot one. The main features of Generic Email Phishing are:
This type can be easy to detect, hackers don’t spend a lot of time or effort in crafting the messages. The wording and suspicious phrases in these emails are easy to spot.
Spear Phishing emails are the second type.
These types of emails are:
Executive Whaling is the final example - but also the most dangerous to you!
These emails are the ones that will be aimed at you directly and for which you need to be most aware of.
The characteristics of an Executive Whaling email are:
Essentially Though – they All Work the Same Way
Not sure what elements to look for in a phishing email?
The next step in defending yourself is to become familiar with the elements of a phishing attack. Several elements make up the typical phishing email and being even a little familiar will help you be prepared when a real live phish drops into your inbox.
There are 6 important elements:
Recommended by LinkedIn
Sender's Email Address
One of the first things to check when you receive an email is the sender's email address. Cybercriminals often use fake or impersonated email addresses to trick you into thinking that the email is from a trusted source. Therefore, it is crucial to check the email address carefully, and make sure that it matches the company or individual that the email claims to be from.
Generic Greetings
We expect emails to be addressed to us directly and when they’re not, typically we infer them to be simply sales or vendor related. These types of emails tend to be handled a bit more frivolously as we click in them to see what it is this vendor is trying to get at. But it’s this careless approach to these generic salesy emails that catches us off guard when they are in fact phishing attacks with generic greetings meant to appear like bulk email. Indeed, they ARE bulk email, but bulk phishing email intended to catch you in their wide net. Avoid clicking on any and every link in generic looking emails just to figure out what the email’s intent is. If you can’t tell or don’t recognize the intent, delete the email and move on. Or better yet, report it using your organizations email reporting feature often found in Outlook or your email client software.
Urgency or Pressure
Phishing emails often use urgency or pressure to try to make you take quick action. They may threaten that your account will be suspended or terminated, or that you will lose access to important data if you do not take immediate action. However, it is important to remain calm and avoid rushing into any action without first verifying the legitimacy of the email.
Unusual Requests
Phishing emails often contain unusual requests or demands that are out of the ordinary. For example, they may ask you to provide sensitive information that you would not normally be asked for, or to send money or make a payment using an unusual payment method. If you receive such a request, it is important to be skeptical and verify the request with the sender through a trusted channel (such as picking up the phone and calling them with a phone number you already have or is listed on their website).
Poor Spelling and Grammar
Phishing emails are often written in poor English, with misspelled words and grammatical errors. This is because cybercriminals often operate in countries where English is not the first language. Therefore, if you notice any spelling or grammatical errors, it is a sign that the email may be a phishing attempt.
Suspicious Attachments or Links
Another common feature of phishing emails is the presence of suspicious attachments or links. These attachments or links may contain malware, which can infect your computer or network and steal sensitive information. Therefore, it is important to avoid clicking on any links or opening any attachments that you do not recognize or were not expecting.
Six Ways To Further Protect Yourself
While it’s easy to say “I’ll leave this to IT or Security”, as an executive with a target on your back, it’s up to you to learn what phishing entails and the characteristics of emails crafted just for you. By applying the simple steps outlined above and practicing with each email you receive, you’ll be well on your way to preventing the financial pain and reputational damage that a phishing attack can lead to.
Be in the know and up to speed on the latest Threat Intelligence prepared for Executives and receive more helpful tips delivered right to your email inbox. Each week I'll teach you the ins and outs of cyber security that will further protect your personal and company reputation - sign up for my weekly Cyber Tips by clicking the link below. There's no obligation, just pure educational tips each week right to your inbox for easy search and reference.
You can sign up at: