Squash phishing by educating customers
Phishing has overtaken spam as the number one issue in the email world. While spam is a major annoyance, phishing attacks have the potential to damage brands by stealing directly from customers and taking over their identities. Squash phishing!
ISPs have therefore taken steps to teach consumers about the dangers of “phishy” emails.
The general education taking place is two-fold:
- Do not click on any links in emails that lead to a login page, instead manually visit the site of the sender
- Be extra careful with attachments that may contain viruses, trojans or malware
And there’s no doubt that if everyone were to follow these two rules, the attacks would largely become worthless.
However, I think we need to return to a place of sanity.
In January I wrote about 4 Key ESP Security areas to focus on this year and educating customers will probably remain on that list for years to come. For more tips, read this blog post: 3 Easy steps to combat phishing attacks
Do not open the attachment! Unless…
I’ve read many warnings lately advising not to open ANY attachments, mostly from companies promising that they will never send an email attachment.
I think that this is extreme.
A well constructed email program that allows customers to sign up via an email consent method, will provide them with a timely welcome email explaining exactly what to expect when they receive their encrypted and password protected documents. This way, there should be no cause for panic because the customer knows what to expect at every step.
Let’s start changing the rhetoric and teach customers not to open attachments that they aren’t expecting, especially those with dubious html or executable extensions. Also, train them to recognize a valid email that they have signed up to receive.
What steps are you taking to protect your customers from phishing?
Get in touch with us
Keen to find out more or get an expert's opinion?