ADVERTISEMENT

Jack Koziol, Infosec Institute: “cybersecurity knowledge gaps at any level of the organization pose security risks”

Infosecinstitute
Anna Zhadan
Anna Zhadan Contributor
Nov 16, 2021 Updated: 15 November 2023 8 min read
  1. A sense of urgency with a call to action. Cybercriminals look for individuals to quickly respond or act, granting them access to your system and information. They often use scare tactics or urgent language such as “update immediately” to get individuals to click on malicious links.
  2. An unexpected or unsolicited email. If you were not expecting an email from the CEO or did not order a package from FedEx, you should not respond to an email about it. Often, cybercriminals will impersonate people and companies you know to entice you to click or respond.
  3. The use of impersonal or general language. In many phishing attempts, you will see general language referring to you as a “user” or “customer” rather than by your name. Their request may also be vague to entice you to engage.
  4. Last but not least, misspelled words, mismatched URLs, and incorrect information like the date or location for the company trying to contact you. If something looks off or does not match up, it’s best to report the email to your IT team or email provider for them to investigate.
ADVERTISEMENT
ADVERTISEMENT