Hackers are increasingly targeting employees and work emails for their phishing scams. To protect your data and your company from these phishing scams, you need to make sure that all of your employees know how to use proper email etiquette. Teaching your employees how to spot suspicious emails is a significant first step. But there’s one mistake that many employees make when it comes to email security, and that’s email forwards.
Email security mistakes
We all know the signs of a phishing email. They’ll ask us for information that they shouldn’t be asking for, like passwords or private data. They’ll come from a source that looks familiar but feels slightly off, like having your bank logo but an odd return email address. And, they’ll often contain a few spelling mistakes and grammatical errors, like having a question mark in the middle of a w?rd.
When these emails come with attachments, you should be even more suspicious and careful. But, as much as we understand what we should be looking out for, many of us don’t entirely trust our own judgment and want to get a second opinion. That’s where the security problems arise.
Forwarding suspicious emails
We see a suspicious email and immediately want backup from our colleagues and friends to second that the email is indeed questionable and most likely a phishing scam. This mentality is the same as when you eat something that tastes bad or weird, and we turn to our friend and say, “ew, this tastes weird, you taste it!” And then our friend tastes it, for what reason, we can’t tell you, but we’ve all done it, don’t lie. Tasting bad food and passing it around is a surefire way to ensure that everyone gets food poisoning. Forwarding a suspicious email with an attachment to all of your friends and coworkers is a surefire way to ensure that someone will open that attachment, and the damage is done. All it takes is one person on your work email network to let in a bad actor.
If you see something, say something
If you receive a suspicious email with an attachment, alert your supervisors or the IT department. Chances are you are not the only person that got it.
The sooner you get the word out that there is a malicious email floating around, the sooner you can tell everyone to ignore and delete. It’s always better to err on the side of caution. So if you see something, say something to the right people instead of forwarding it to the entire company asking for advice.
OnePointSync offers complete IT solutions to small and midsized businesses in Colorado, including cybersecurity solutions.