Phishing isn’t a new tactic, nor is it something most email marketers would ever participate in. However, in today’s cyber world, it’s worth understanding and protecting against…after all, if it’s perceived by your customers that a phishing incident has taken place, it could negatively impact your company’s reputation and your bottom-line.
Phishing Basics: Definition
So what exactly is Phishing? Well, according to Wikipedia, phishing is defined as follows:
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site, the only difference being the URL of the website in concern. Communications purporting to be from social websites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that distribute malware.
Phishing Basics: Protection
Now that we have a clear understanding of what phishing is, let’s discuss how you can protect yourself, and your clients, from these scams.
- Solidify Your Business Processes – If you deal with large transactions, include a secondary verification step in your process. The second step could be a verification email, manager approval code, or phone verification. While it may cost you a small amount of time to perform this second verification step, it could save you a great deal of time and money in the future should you have to rectify the fallout from a phishing scam.
- Stay On Top of Technology and Education – Continuing education will be key to your vigilance! Keep your finger on the pulse and stay educated on new technology and tactics. Subscribe to newsletters from security and industry websites that will help you stay informed.
- Develop a Plan – The hope is that you’ll never need it, but don’t wait until it’s too late…develop a response plan now so if a phishing attack should take place, your company and your customers will be able to respond quickly and minimize the damage.