“In a company of 1,000 employees, there will be 1,000 possible attack anchors.”

The IT department can set up complicated filtering, run security holes drills and education campaigns, and spend enormous effort to monitor traffic in details. These are all helpful. Well, all it takes, to be broken in, is just one person, one time, becomes careless and falls prey to an online campaign – which should be the real name of a Phishing Scam.

Why is it hard to stop phishing scam by these technologies?

Bad guys are already reviewing, discussing, and probing security holes in the shadows. They have a whole supply chain dedicated to improving their ability to plunder, complete in all sorts of dark endeavors.

The bad guys have unlimited time and creativity, they will find a way to bypass all security checking in fine. At that time what will happen to normal people?

Like it or not, you will have to face phishing scams someday. How to identify and avoid it? At first, you should know phishing techniques used by attackers:
  • Embedding a link in an email that redirects your employee to an unsecure website that requests sensitive information;
  • Installing a Trojan via a malicious email attachment or Ad which will allow intruder to exploit loopholes and obtain sensitive information;
  • Spoofing the sender address in an email to appear as a reputable source and request sensitive information;

With deep understanding on phishing attacks, you can know why below 5 tips can help you to avoid phishing scams:

  1. Study the links before you click.You can use Google to search the domain of links, then check if there are suspicious results.
  2. Don’t open any attachment. Unless you’re absolute sure it’s something you want to view.
  3. Check before acting as asked by the sender.You can always double check with the sender via SMS or phone.
  4. Improve your security sense by reading and training regularly. For example, you can read related articles in this blog.
  5. Install good, up-to-date security utility. Like Mr. Post, it can unveil all information for your reference.

Don’t be the next fraud victim. Install Mr. Post on Microsoft AppSource at zero cost!



[1] https://digitalguardian.com/blog/phishing-attack-prevention-how-identify-avoid-phishing-scams

[2] Photo by Hello I’m Nik on Unsplash