Internal vs. External IT – Which one should you choose
August 14, 2018
10 Business Features of the Apple iPhone – Increase your productivity with these iOS 12 features
September 21, 2018

What is Phishing

What is Phishing?

You may have heard of phishing but may not know what it is or how to protect yourself from a phishing attack. Phishing is the simplest and most common cyber attack method to carry out, and your inbox is always at risk for a potential attack. It’s called phishing because the process is just as it sounds, cybercriminals are sending out a ‘lure’ to entice recipients to ‘bite’ and disclose sensitive information. Phishing attacks are usually carried out via email, but in recent years have spread to other areas like phone calls, apps, and social media. A phishing attack is designed to get you to hand over personal information like usernames, passwords, banking information, or other sensitive data that they can exploit to get money or account information from you.

Phishing Emails

We’ve all heard of the emails from a so-called Nigerian prince, needing some money to cover legal fees to transfer a large sum of money from an overseas account. In exchange for helping him cover legal costs, you will get a portion of the funds from the account. The emailer could promise up to millions of dollars, but then once you send them the money, they disappear forever. These scams are very well-known, and most people know to avoid them.

Today, phishing emails have gotten much more elaborate than a Nigerian prince needing money to cover legal fees. You could receive an email that looks entirely legitimate, prompting you to confirm your account details or update your billing information. These emails can come from what appear to be real companies, like Amazon or Charles Schwab. Here are some things to look out for if you receive an email that seems suspicious:

  • Make sure the email is addressed directly to you. Emails from companies that start off with ‘Dear Recipient’ or ‘Dear Customer’ should raise a red flag. If it’s genuinely your bank or some other company, they will have your name and will address you accordingly.
  • Check the sender’s email address. At first glance, an email may look legitimate, but there could be misspellings or inaccuracies that prove this is a phishing attempt.
  • Check for grammatical errors and hover over any links to see the web URL. Some phishing emails don’t make sense when read carefully, so make sure to read the contents of every email you receive. The email could prompt you to click a link to update your information, but that is how cybercriminals can snag you. They redirect you to their own site, and that’s where they collect your information. Check the URL first before you click on anything, and don’t click on links if you don’t know the sender.

Any of these things can raise a significant concern that you are the target of a phishing attempt. If you suspect that an email is a phishing attack, here are the steps you can take to protect yourself.

  1. Navigate to the webpage on your own. If you think a link looks suspicious in an email, go to the actual URL of the company and update your information directly from the legitimate site.
  2. Implement an antivirus or web tool that can identify malicious sites. These tools will alert you if you click on a link that is not legitimate, preventing you from entering your sensitive data.
  3. Deploy a Business-class Firewall and turn-on Email scanning or other security features
  4. Hire an IT Firm to run a Security assessment of your Network and IT
  5. Most important – KNOWLEDGE. Train yourself and your employees to spot potential Phishing emails

If you are a victim of a phishing attack, change all your passwords right away and check that critical accounts like banks remain unaffected. If you think you’ve been a victim and don’t know what to do, reach out to our skilled security specialists at Level 4 IT.

Other Phishing Scams

Phishing scams are becoming more common outside of the email realm. Now, cybercriminals are branching out to new technologies like phone calls or text messages. Have you received a phone call from the IRS saying you owe money and that the police are coming for you if you don’t provide payment immediately? In these situations, it’s important to use common sense. Have you ever called the IRS or any other government agency? Ordinarily, you’ll have to wait upwards of one hour on the line before you get through to a representative. And now they’re just calling you directly, asking you to provide payment? If it sounds fishy (or should we say, phishy), it probably is. All government agencies typically send a letter with the government masthead at the top.

Phishing — the bait and trap scams that plague your inbox — have been around since the dawn of email. The key is to always be on alert for red flags and if you ever question the validity of an email or phone call, do not give away any sensitive data. If you believe you need extra protection or want advice on what to do after you’ve been a victim of a phishing scam, reach out to our security experts at Level 4 IT.

Level4 IT is an IT Management company located in the Northwest Suburbs of Chicago helping Chicago businesses with Cybersecurity, Disaster Avoidance, Disaster Recovery, Help Desk Services and IT Resource Management. We can help your business avoid a major, costly disaster by putting into place strong IT policies. Call us today at 888-831-6412 or contact us via