Phishing: don’t get hooked online

Email sign with a fish hook on blue digital background. Email security and countermeasure concept

Copyright: Weerapat Kiatdumrong/123RF

New methods of stealing and using your personal information develop each day as technology changes. One of these growing attacks is phishing, a method that accounts for half of all fraud attacks. Phishing attempts often occur over email in which the sender poses as someone you know or trust, such as a coworker, vendor or business partner. These emails are accompanied by requests for information, hyperlinks or attachments. Those with links may direct you to a site with forms to fill out information – even to pages that appear to be the same legitimate pages and services you use regularly.

In fact, phishing costs American businesses roughly half a billion dollars each year. Phishing attacks can compromise your reputation, data and your business’s identity, so it’s important to know what to look out for. Phishing primarily affects businesses but can impact other industries, like education.

Phishing attacks are steadily becoming more refined but there are still some common signs to look out for and check into. Keep reading to learn how to spot a phishing email.

 1. Email content

Often times, phishing emails will contain incorrect grammar usage or frequent misspellings, in addition to random spacing or unexpected breaks in writing structure. Also, if the sender you’re receiving from typically has a signature to go along with their message, check if the message you received has the same one or none at all.

Unfamiliar writing styles from the sender may not always mean the email is a phishing attempt, but writing content is one of the more obvious signs.

2. Please (don’t) see attached

Some phishing attempts will use attachments in order to plant spyware or other viruses on recipients’ devices. These attachments may disguise themselves as other types of documents or may simply be pictures that are doctored to appear like normal documents so that you click on them as a prompt from the text in the message.

3. Consider the source

If you have concerns that your email may have come from an untrusted source, check the sender’s address in the ‘From:’ bar. On the surface, it may use the name of someone you know, but the domain name, or the true origin of the email, may be listed as an address with a series of jumbled letters and/or numbers, rather than the expected address.

While you shouldn’t click on links from emails without solid knowledge that the sender is safe and verified as trustworthy, if you do happen to click on the links and the site brings you to a page, be sure to check the website domain (address bar). Unsecured sources will be listed as ‘http://” sites whereas secured sites will be listed as ‘https://’ and often show an icon of a lock. When in doubt, send the person you know a separate message or talk to them to see if the email is as it seems.

Other tips for protecting yourself:

  • You don’t have to be an IT company to make cybersecurity a priority. Frequently update your devices, programs and applications in order to help filter out undesired communication. Replace old tech in your office and securely dispose of it to prevent information from being taken.


  • Switch up your login passwords often to keep spammers and hackers guessing.


  • Shred documents you no longer need, especially those that list full names, emails and similar contact information. You never know what information thieves can glean from stray paperwork!


If you’d like additional tips on how to protect your information or are in need of shredding services, don’t hesitate to let us know.