23 years
97.9 Customer Satisfaction Score
200k Tickets Closed
83% resolved remotely
97% Resolved within SLA Goal

Office Worker with Spear Phishing email

Top Ways to Avoid Phishing Scams (Including Spear Phishing)

Phishing scams — and, increasingly, spear-phishing scams — are the number one way that cyber hackers gain access to closed computer systems, steal information and money, and corrupt data.

Let’s take a look at what phishing and spear-phishing scams really are, how you can spot them, and how to help your organization avoid their highly detrimental consequences.

Phishing and spear-phishing: What’s the difference?

Both phishing and spear-phishing are forms of email-based cyberattacks.

Essentially, both terms refer to email-based attacks that attempt to gain personal or sensitive information using deceptive or disguised emails appearing to be from legitimate sources.

Phishing is the broad term for these attacks. Spear phishing only differs in that these email attacks are specifically targeted at an individual. This may mean that the email includes the individual’s actual name, address, and/or phone number. Or, the email may reference other personal information, such as the individual’s workplace, work position, alma mater, or where they bank.

Here are some examples of spear-phishing emails you may have seen before:

  • An email appearing to be from your actual bank: “Dear YOUR NAME, Your debit card may have been compromised. Click here to login to your account and check your statement.”
  • An email appearing to be from a store where you frequently shop online: “Your recent order from XXX STORE has been dispatched. Go here to track your shipment.”

Notice that each example includes a place where you should click. This is by design. Often, simply opening a phishing email will not result in any issues; however, clicking on a link inside the email can actually be enough to cause the bulk of the issues (sometimes, major issues). A police department employee in Florida recently opened a phishing email link that led to ransomware being installed on the city’s computer system. In the end, the ransomware cost the city hundreds of thousands of dollars.

How can clicking on a simple link end in such disaster?

The answer is malware.

Malware is a shortened term for malicious software. This software can be automatically downloaded to your computer and/or entire computer system and network by a “trap door.” These trap doors are disguised as links, attachments, login fields, or downloads, which are embedded within phishing emails.

If hackers can get a spear-phishing target to click on their “trap door,” they can use that gateway to install malware onto your system. And once this happens, your entire network and data are at risk.

How Can You Spot a Phishing Email?

Phishing emails often have specific features, which should raise red flags right away:

  • The message is unusual (comes at an odd time, is from someone you don’t know, is in a bizarre tone, makes a bizarre or out-of-the-blue request).
  • The message makes you panic (e.g., “Your money has been stolen!”).
  • The message is threatening (e.g., “If you don’t click here now, you risk losing your job.”).
  • It’s written poorly, as if by a non-English speaker.
  • The email includes personal information … but not very much.
  • The sender’s email address or the web address they want you to navigate doesn’t look right.

What Should You Do if You Think You’ve Received a Spear Phishing Email?

If you think you or someone else in your company has received a phishing email, do nothing at first. Remember that clicking on links, downloading attachments, and opening files or pictures are all the things that hackers want you to do, which is exactly why you should never do them if you are suspicious of an email.

On the other hand, some emails may be clearly legitimate. It’s important to know the difference.

For example, if you speak to Ross from accounting in person by the water cooler, and he tells you he’ll be sending over an invoice you need to sign in the next 10 minutes, if you get an email with an invoice attachment from Ross in the next 10 minutes, the email’s probably okay.

If you get an email from Ross out of the blue on a Saturday? And you didn’t expect it? And it’s not in the tone that Ross usually uses?

This is when you shouldn’t do anything. Instead, check the legitimacy of the email. Do this either in-person or over the phone. For example, call Ross or wait until Monday to speak with him personally. Double-check that he sent the email. If it turns out the email cannot be accounted for, contact your company’s IT security department immediately.

Train Your Employees to Spot Phishing and Spear Phishing Emails

Understanding and following these guidelines as a CEO or manager is important, but remember that spear-phishing emails can target your employees as well.

For this reason, ensure that all of your employees know and understand:

  • What phishing and spear-phishing emails are
  • How to spot these emails
  • What you should never do with a suspicious email (click, download, or login via the email’s prompt)
  • What to do if they suspect they’ve received a phishing email

By following these guidelines, you can keep your business safe from phishing scams and the subsequent ramifications.

Schedule your No-Obligation IT Assessment with Palindrome Consulting

Schedule Now

Elizabeth Mitrani
Elizabeth Mitrani
17:23 06 Aug 19
Palindrome Consulting was key in establishing my business and helps me keep it running. They are the consummate... professionals, incredibly knowledgeable and are always available to help. They have gone above and beyond to ensure that I was up and running quickly and that any issues that may arise on my end or dealt with immediately. I highly recommend Palindrome Consulting.read more
Moshe Rubinstein
Moshe Rubinstein
14:57 28 Jun 19
They are there every step of the way. Responsive and timely. The full service mentality mixed with the problem solving... abilities, is what makes them an easy choice.read more
Benjamin Wainberg
Benjamin Wainberg
14:09 28 Jun 19
Palindrome Consulting is customer centric. For Palindrome Data Safety is paramount; they keep their and our systems... updated with the newest technologies and are not shy at changing to better alternatives. Their platforms are always running and in the odd case there is an event, their technical team has an awesome response time.read more
Copier Man
Copier Man
13:56 28 Jun 19
We have been using Palindrome since 2005. They make my company feel like we are #1 all the time. Expert staff are... always available to help all my users all around the country.read more
Martin Feldman
Martin Feldman
16:43 26 Jun 19
As a partner in Fischer & Feldman, P.A. we have utilized Palindrome Consulting as our IT experts for many years. In... addition to keeping our server up and running, they are available to consult on the everchanging cloud and web landscape. We could not function as a successful law firm without their constant care, attention and almost IMMEDIATE RESPONSE TIME.read more
Rebecca Fischer
Rebecca Fischer
16:39 26 Jun 19
Palindrome has been my IT company for more than 15 years. We have been through four server and computer replacements... over the years all of which went smoothly. As technology has changed Palindrome has kept us current in their recommendations and are extremely responsive when we run into a software or hardware problem. We have been through hurricanes with Palindrome and felt confident they would have us up and running as quickly as possible and despite the fact we are probably a smaller client, they have treated us as one of their most important clients. I highly recommend Palindrome and have complete confidence in their capabilities and service. They have even gone the extra mile when we wanted to donate our old computers to a children's special needs school and delivered the computers, set them up and provided service for the same. Ilan Sredni is the consummate professional and has surrounded himself with top professionals and skilled technicians.read more
Nelson T
Nelson T
20:32 25 Jun 19
Palindrome Consulting has proven itself time and time again to be the epitome of professionalism and technical... expertise. They take the time to listen to your needs and then apply their wealth of technical knowledge to create truly innovative and robust solutions. They truly deliver piece of mind.read more
Next Reviews