
5 tips to prevent phishing

Prevention is better than cure, especially in the case of phishing, since there is no cure for a phishing attack. If you fall victim to a phishing attack, the consequences can be catastrophic. Take, for example, the theft of customer data: in addition to the legal and financial damage, it also jeopardises the very existence of your company. Or take one of the many cases in which cybercriminals transfer large sums of money because you weren’t paying attention when you clicked a link. We could go on about the different strategies and consequences of phishing attacks, but to cut a long story short: it’s important to prevent phishing.

19 Jun

It's half past four on a Friday afternoon. You're about to switch off your computer and go for a late beer when an urgent email arrives:

[Image: example of a phishing email]

An invoice is due today. Did you click on the link in a rush? In that case we’ve got some bad news for you - you've just become a victim of a phishing attack. With one simple click, all your sensitive data has been stolen. In today’s blog, we will provide you with five tips on how to prevent phishing and avoid such phishing attacks.

1. Identify the sender

In the case of phishing, criminals try to gain access to your data or money in various ways. They often disguise themselves as a company, supplier, or acquaintance to increase the credibility of their request. A text message from your wife, for example, is less surprising than one sent by an unknown number in a foreign language. However, the number of people still fooled by obvious phishing emails is alarming.

Unfortunately, phishing emails are becoming increasingly refined and use every trick in the book to appear credible. Especially with the developments in artificial intelligence, the possibilities for criminals are limitless. Security Magazine reported a 50% increase in phishing attacks in 2023 compared to 2022—in this case, we're not talking millions, but billions.

If you have any doubts about the sender's identity, contact them by phone to verify the message. Do not call the telephone number given in the message; use a number you know. You can also always contact your company's security manager if you have received a suspicious message.

2. Secure your data

It may seem obvious, but don't give your data to just anyone. Be particularly careful if you are asked for a PIN code, password, passport details or payment information, as this information should never be requested by email, SMS or telephone. Never give out this information, even if you are asked for it.

You should also be careful about giving out information such as email addresses, telephone numbers, or contact details. Even if it seems harmless, criminals can do significant damage with this data, for example through identity theft, targeted phishing attacks (spear phishing), or other illegal activities.


3. Check for spelling mistakes

Writing English can be challenging, and it's no different for criminals. In some cases they struggle with it so much that they blow their own cover. Emails filled with spelling mistakes can be an instant warning sign. But be mindful of small nuances as well. Criminals can make subtle spelling mistakes to cleverly trick you into thinking the sender or link is legitimate. Do you recognise the errors in the following examples?

  • rnicrosoft
  • LinkeIn
  • Goog1e
  • Amaz0n
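
The same check can be automated for incoming sender addresses and links. The Python sketch below is an added example, not part of the original blog or any Awaretrain product; the brand watch list, the table of look-alike characters and the sample addresses are assumptions constructed for illustration.

```python
import re

BRANDS = ["microsoft", "linkedin", "google", "amazon"]  # assumed watch list
# Character sequences that read alike in many fonts (assumed, not exhaustive).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s")]

def fold(name):
    """Lower-case and map look-alike sequences to the letter they imitate."""
    s = name.lower()
    for fake, real in CONFUSABLES:
        s = s.replace(fake, real)
    return s

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def find_lookalikes(text):
    """Return (token, brand, reason) for each token that imitates a brand."""
    hits = []
    for token in re.findall(r"[A-Za-z0-9]+", text):
        if token.lower() in BRANDS:
            continue  # spelled correctly; says nothing about who really sent it
        for brand in BRANDS:
            if fold(token) == fold(brand):
                hits.append((token, brand, "confusable characters"))
            elif edit_distance(fold(token), fold(brand)) == 1:
                hits.append((token, brand, "one character off"))
    return hits

# Constructed samples: the four names from the list above, in sender/link form.
SAMPLES = [
    "billing@rnicrosoft.example",
    "https://LinkeIn.example/login",
    "Goog1e",
    "Amaz0n",
    "noreply@microsoft.example",  # correctly spelled, so not flagged
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", find_lookalikes(s) or "no lookalike found")
```

A clean result only means the name is spelled correctly; the sender still needs to be verified as described in tip 1.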

4. Take your time

Most mistakes are made when you’re not paying attention. Friday afternoon is one of those moments when your alertness gives way to finalising the last tasks of the week and daydreaming about the weekend. If you receive an urgent email that can’t wait until Monday, you need to act quickly and make the right choices. The right choice is to pause and ask yourself the following questions:

  • Is it credible to think that this email is urgent?
  • Is the message unexpected?
  • Is the message too good to be true?
  • Is the sender a well-known person and is the email address correct?
  • Are there any spelling mistakes in the email? How about bad grammar?
  • Have you checked the link or attachment and is it safe to click on it?

Phishing messages are designed to deceive you and exploit urgency, so we instinctively take less time to carry out these security checks. Even if the answers indicate that the email is safe and legitimate, you should proceed calmly.

[Image: how to prevent phishing]

Tip: Save this image and keep it with you in case you come across a suspicious email.

5. Be vigilant: how can you protect yourself against phishing?

We could share dozens of other tips with you (and we're happy to do so with our training platform 😉 ), but the most important tip for preventing phishing is to always remain vigilant. We're only human, and where people work, mistakes are made. By paying attention to incoming emails, text messages, and phone calls, you can identify many dangers.

How do your colleagues react to phishing?

Would you like to test your colleagues on phishing? With our free phishing test, you can try our security awareness platform for 28 days. Choose from over 30 ready-to-use, multilingual phishing templates or create your own email and start phishing up to 5,000 users. Request a free phishing test for your company now!
