Phishing: though most know the dangers, many still fall victim to it every day. These attacks use many strategies to trick recipients into giving out information. Credit card numbers, login credentials, and even important documents. Hackers look to gain access to all of these using various methods.

This cybercrime can reach people through multiple platforms, but it’s most known for targeting through email. These attacks hide under the guise of someone or something familiar to the recipient. This can be their place of employment, a popular platform they use (Microsoft, Google, etc.), or even someone they personally know.

What does a Phishing Attempt Look Like?

There are a few ways to distinguish between a real message and a phishing attack. The first way to decide whether an email is legitimate or not is to look at the sender. Here are some things to look for when looking at the sender of a suspicious email:

× An unknown emailer from outside your organization

× An email that looks like it might be from an address you’re familiar with, but it’s different than usual. For example, an email from instead of

× An email from someone inside your company, but from a slightly-altered email domain. For example, the sender is instead of

A phishing email could also be sent to many people at once, targeting lots of inboxes at a time. Mass emails, especially ones including people you’re not familiar with, should be flagged and investigated.

How to Prevent and How to Stay Safe

Though checking individual emails is a good approach, there are more proactive steps you can take to keep your inbox safe.

Browser settings can be changed to enhance security while you’re using the internet. For example, Google Chrome has an enhanced protection browsing setting. It gives warning of security breaches, blocks dangerous sites, and it even stops unexpected downloads.

Businesses should look into spam filtering platforms for users to ensure company-wide security. Spam filters assess the origin of messages and scan the software of the email to determine if it’s okay to reach you. We recommend IRONSCALES. It scans emails before they reach your inbox, rather than filtering them after. An extra step of security to ensure safety.

Other practices for keeping your information safe can be as easy as making smart choices. Google, the IRS, and other entities that have access to your information will not ask for it through email. So, if an email from what looks like Google requesting your login, it’s not Google asking. Never share passwords through email (or anywhere else!), regardless of the context. Also, keep your login information secure by using smart tips when creating credentials. Change your passwords regularly –including your email password– and always use 2FA when you can.

So, now that you know what unsafe messages look like, ask yourself these questions.

× Are you as safe as can be?

× Have you gotten a suspicious email like this lately?

× Is your business safe from cyber thieves?

If you answered no to any of these questions, let’s chat.