Thanks for choosing Orange County Computer, Inc.

949-699-6619 | 8am – 5pm Monday – Friday : Saturday by Appointment

Orange County Computer INC.
  • OCC Home
  • About Us
    • Blog
    • Location
    • Testimonials
    • Partners
    • Computer Repair Warranty
  • Contact Us
    • Customer Referral Program
  • Tech Center Services
    • Desktop Repair
    • Laptop Repair Services
    • Virus Removal
    • Tech Support Services
    • Data Recovery
    • E-Waste Recycling
    • Disaster Recovery
  • Business IT Services
    • Enterprise WiFi Solutions
    • Managed Services
    • Software Licensing
    • Why Choose a Microsoft Partner
    • Software Application Development
  • Technologies
    • Disaster Recovery Solutions
    • Data Backup & Storage Solutions
    • Offsite Backup
    • Software Support
    • Virtualization
    • Firewall & Security
    • Servers
  • Web Services
    • Domain Registrar
    • Hosting Services
    • Web Design
  • OCC Home
  • About Us
    • Blog
    • Location
    • Testimonials
    • Partners
    • Computer Repair Warranty
  • Contact Us
    • Customer Referral Program
  • Tech Center Services
    • Desktop Repair
    • Laptop Repair Services
    • Virus Removal
    • Tech Support Services
    • Data Recovery
    • E-Waste Recycling
    • Disaster Recovery
  • Business IT Services
    • Enterprise WiFi Solutions
    • Managed Services
    • Software Licensing
    • Why Choose a Microsoft Partner
    • Software Application Development
  • Technologies
    • Disaster Recovery Solutions
    • Data Backup & Storage Solutions
    • Offsite Backup
    • Software Support
    • Virtualization
    • Firewall & Security
    • Servers
  • Web Services
    • Domain Registrar
    • Hosting Services
    • Web Design

Can You Spot A Spoofed Email?: How To Protect Your Business From Today’s Biggest Phishing Risks

Orange County Computer INC. > About Us > Blog > OCC News > Can You Spot A Spoofed Email?: How To Protect Your Business From Today’s Biggest Phishing Risks

Can You Spot A Spoofed Email?: How To Protect Your Business From Today’s Biggest Phishing Risks

Have you ever received an email from a client you regularly communicate with, but it looks… “off”? Or perhaps you’ve received an email from a bank that you don’t hold an account with, or a company requesting that you pay an invoice for goods you never even purchased.

What you’ve encountered is most likely a phishing email.

A first in a series of blogs on phishing, we want to educate you about what phishing is, the different types of phishing that you could encounter, and how you can protect yourself from this widespread cybersecurity risk.

Read on to learn more about email spoofing and brand impersonation, the most common phishing risks employees encounter, and how we at Orange County Computer can help you implement solutions to guard against a phishing attack.

What is phishing?

Did you know that 97% of employees cannot identify a sophisticated phishing attempt? Phishing is a cyberthreat that employees face every day and they’re unfortunately likely to take the bait.

Phishing is the star of the cybercrime world. It is a type of social engineering attack that is used to steal user data – this can include usernames and passwords, credit card numbers, sensitive company information, and more. Cybercriminals pose as a trusted entity, tricking the victim into opening an email, instant message, or text message, which could contain a malicious link or attachment. The link could lead to a website prompting the victim to enter login credentials or other personal details, as well as install malware. An attachment may contain a harmful script or compressed file, which upon opening could deploy a ransomware payload that encrypts the victim’s data, make it inaccessible, and held ransom by the cybercriminal until the “ransom” is paid for. At this point, the victim finds himself in a vulnerable position. Even if he pays the cybercriminal, there is a chance that the decryption key will not be given as promised.

From business email compromise to malware / ransomware, all of today’s harmful cyberattacks begin with phishing, most of which lead to catastrophic consequences. For companies and individuals alike, this can include the loss of intellectual property or money, damage to reputation, data theft, and disruption of operational activities. With people continuing to work from home and hybrid work environments persisting post-pandemic, individuals and employees across the board need to be extra careful and stay alert when reviewing emails. Of the types of phishing risks that have become widespread, businesses need to take email spoofing and brand impersonation seriously.

Can you spot a spoofed email?: Beware of email spoofing and brand impersonation!

Email spoofing and brand impersonation are two of today’s biggest phishing risks. According to Digital in the Round, about 25% of the emails that companies receive from brands like Amazon, LinkedIn, or Google are phishing attempts. In the case of spoofing, cybercriminals take a real email, copy it, then use it to initiate a phishing attack. With brand impersonation, a cybercriminal pretends to send messages from a well-known brand or company to pass off as a trusted source. Both methods con unsuspecting recipients into interacting with the message by masking those messages as something harmless or including product that’s desirable. And while Microsoft normally spearheads the list as a brand that cybercriminals imitate the most, ZDNet reports that DHL tops the list as the most imitated brand at the end of Q4 in 2021. With more individuals and companies relying on email, online shipping and shopping options, it is important to know how to spot the difference between a real and fake message. Educating employees is a first step companies can take to stop a cybersecurity risk from turning into a cybersecurity threat — we at Orange County Computer are more than happy to take it further by assessing your network environment and help implement security solutions for you, based on your company’s IT needs.

Phishing

New Emails in Your Inbox: Red Flags to Look For

Don’t currently have a strong firewall or an email scanner in place to filter out potentially harmful emails? Informed and attentive employees are the first line of defense. Identify phishing risks and prevent them from turning into cyberattacks, using the list below:

  1. Check the sender’s domain and email address: Real companies send emails from their official domain – look at what follows after the “@” symbol in an email address. For example, a legitimate email from Microsoft would include “@microsoft.com”, not variants like “@microsoft.business.com”. If a domain looks unusual, check the address on the company’s website.
  2. Pay attention to the header and footer for clues: If the header or footer conflicts with or is different from previous emails you’ve received from that brand or company, it is likely the email is a phishing attempt.
  3. Look at the subject line and preheader: Does the subject line or preheader of a message seem a little “off” to you? Are there odd phrases, emojis, or weird items in the subject line and / or preheader? If yes, that indicates phishing.
  4. Analyze the content and implied urgency: Insisting that an action is urgent, offering a special that’s too good to be true, or demanding that a company must make a payment before services are cut off are all signs of phishing.
  5. Beware of formatting red flags: This is where most people catch phishing attempts. If the email has strange formatting, spelling errors or bad grammar, or company colors, fonts, and logos are “off”, it’s most likely phishing.
  6. Be wary of unexpected attachments like PDFs or Word documents: If you aren’t expecting an attachment or an attachment looks suspicious because it has a strange name, the attachment might be malware or ransomware, which are usually deployed through phishing.
  7. Use caution if a message asks you to log in through a new link: Hover over the links that a message asks you to click to see if they’ll lead you to the company’s actual domain or log in on their site directly. Phony password reset requests are a staple of phishing.

If your email address has been spoofed, breached or if you have been a victim of a phishing scam and have concerns about your system or network, our team is happy to help. For information on how to secure your data and protect your domain reputation, contact a member of our sales team by calling (949) 699-6619 or email us today.

Written by Nicole

Nicole is an Office Administrator at Orange County Computer and has been with the company since 2021.

← Protect Your Business From a Cyberattack!
How remote employees could compromise your network →

Recent News

  • AdSense Fraud Campaign: Is your site infected?
  • Looking for a Windows 10 Download? You’re Out of Luck!
  • Celebrating 25 Years as a Technology Solutions Provider!
  • The Southwest Airlines IT Meltdown
  • ‘Tis the season… to avoid holiday scams!

Contact Us

Orange County Computer, Inc.

26150 Enterprise Way, Suite 400
Lake Forest, CA 92630

949-699-6619

Recent Posts

  • AdSense Fraud Campaign: Is your site infected?

    Last fall, website security and performance specialists Sucuri reported on a mal...

  • Looking for a Windows 10 Download? You’re Out of Luck!

    On January 31st, Microsoft stopped the direct sale of Windows 10 licenses on its...

Search

    • Home
    • Site Map
    • Remote Support