The FBI estimates phishing scams have resulted in billions of dollars in fraud losses over the last five years. According to FNTS Information Security Architect Richard Kalinowski, there has been an increasing number of these targeted email cyberattacks across the globe, and phishing emails are sailing past spam filters and into company inboxes with more regularity. Kalinowski outlined proactive and protective steps for organizations in a recent article published by Tech Radar:
“Being proactive is the key to keeping organizations and individuals safeguarded. I recommend companies and/or individuals:
- Purchase domain names that are similar to your own domain, or that could be easily glanced over if a letter is replaced. If purchasing these domain names isn’t possible, you can block inbound emails from these domains.
- Add a spam filter that warns users if the message they’re receiving is originating from outside the organization. Seeing that warning can remind you to stop and think before responding.
- Call if you’re unsure. Scam emails usually sound urgent to get you to engage, asking things like, “Are you available for a quick task?” Making a phone call to the organization president or perceived sender will ensure that the email sender is who they say they are.
One final proactive measure is to regularly educate employees on spam and phishing email trends, as well as requesting that employees notify a supervisor or IT leader when a phishing email is seen.”