There are many common Phishing tactics being used for Social Engineering by the bad guys. Many of these techniques create a sense of urgency for the user, getting them to quickly click on the link or just open a file attachment with a payload without thinking.
There are a few checks that you can do to verify if an email is real or fake.
- Check the senders email address. Do you recognize the email address?
- Check the “To” email address. Did this email go to your email address or were you CC’d.
- Check the Link in the email message. Hover your mouse over the link to see where the link is really going to take you.
- Check the attachment in the email. Question the attachment; were you expecting an email with an attachment.
- Check the body of the message. Is there any spelling or grammar mistakes?
Remember to always Think before you Click!!!!!
Falcon Network Service’s Security Awareness Training program encompasses a complete training framework to prepare your employees for these types of threats and strengthens your companies Human Factor.
Our Security Awareness Training Program includes:
- Security and Compliance Training videos that are updated every quarter.
- Phishing tests against your employees, which get more difficult as they progress through the training.
- Additional training for employees who click on any of the Phishing test emails.
- Random Vishing tests will be conducted on the employee’s desk phones.
For more information visit: https://mssp.fns1.com/security-services/security-awareness-training
Reported by Stu Sjouwerman:
Below are some common social engineering schemes used by the bad guys:
- Fake invoices, POs, and RFQs
- Fake package/parcel delivery notifications
- Fake file delivery/sharing/signing notifications
- Bogus online account verifications/updates
- Email upgrade/update notifications
- Email password expiration notifications
- Email deactivation warnings
Read more: SC Magazine
OUR SECURITY SERVICES INCLUDE:
- Risk Assessments
- Penetration Testing
- Web Application Testing
- Security Awareness Training
- Managed SIEM
- Managed Security Services (MSSP)
- Security Consulting