Don't Get Hooked By a Phishing Attack

  1. Operate
  2. >
  3. Cybersecurity

November 11, 2021

The smaller the business, the BIGGER the risk. Small businesses are increasingly the targets of cyberattacks. According to Accenture, 43% of cyberattacks are aimed at small businesses and only 14% are prepared to defend themselves. Cyberattacks can be detrimental to a small business. Cyber incidents cost small businesses an average of $200,000 and 60% of small businesses go out of business within six months after an incident.

Phishing attacks are one of the top cyber threats to small businesses. According to new data from Avanan, one in 99 emails is a phishing attempt. Read the best practices below to help you and your employees avoid taking the bait and falling victim to a phishing attack.

What is phishing?

Phishing is an online scam that targets users by sending an email impersonating a trustworthy or well-known person, company, or organization. The goal of the scam is to steal usernames, passwords, payment information, or other sensitive information

Phishing attempts often tell a story to trick the reader into clicking on a link, opening an attachment and unknowingly giving away sensitive information. Here are four common emotional triggers to manipulate people:

  • Greed: Emails that advertise deals or opportunities that are too good to be true. For example, employment opportunities, significant sales, free products, rebates.
  • Urgency: Strict deadlines. “Act now or else” messages. “Update your account settings.”
  • Curiosity: Intriguing messages and e-cards,especially ones that seem to promise emotional connection or praise.
  • Fear: Threats or warnings that family or friends are in danger.

How to spot a phish—

Signs that an email might be a phish:

  • Unfamiliar or illegitimate addresses. When in doubt, check to make sure the email address and the sender name match. For example, when using Outlook on a work device, [External] in the subject line is a flag.
  • Generic greetings/salutations. Anyone emailing you for personal, financial, or confidential information should know your name, and use it.
  • Suspicious links or attachments. Hover over links to confirm the destination, before you click. Don’t click on any attachment without knowing where it came from.
  • Grammatical and spelling errors. Scammers are not the best writers. Bad grammar and spelling can be a clear sign of phishing.

To help protect your business against phishing and other cyberattacks always:

  • Back up your data.
  • Keep all security up to date, including the latest patches and updates.
  • Educate your staff about phishing.
  • Use email authentication technology to help prevent phishing emails from getting delivered.

When you receive phishing emails, be sure everyone in your organization takes the time to report them. Forward phishing emails to:

Click here for more tips from the FTC.

 
 

Synchrony has over 80 years of retail heritage. Synchrony Connect is a value-added program that lets Synchrony partners tap into our expertise in areas beyond credit. It offers knowledge and tools that can help you grow, lead and operate your business.

Disclaimer: We include links to another website in this article for your convenience. We do not endorse any content on these sites.

All product names, logos, and brands are property of their respective owners. All company, product and service names are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.

This content is subject to change without notice and offered for informational use only. You are urged to consult with your individual business, financial, legal, tax and/or other advisors with respect to any information presented. Synchrony and any of its affiliates (collectively, “Synchrony”) make no representations or warranties regarding this content and accept no liability for any loss or harm arising from the use of the information provided. Your receipt of this material constitutes your acceptance of these terms and conditions.