How can you protect yourself?
Try to remember that lurking behind every innocent-looking email could be a giant shark waiting to make its move. This is true whether it's work or personal email, so you must treat every email with a basic level of caution.
Here are some tips to get you started:
— Protect your information
Do not send sensitive information such as bank details, social security number, etc. over email. If you really need to, make sure you know who you are sending it to and start a new email rather than replying to a thread. Check the email address carefully.
— Check the address
Be mindful of who is emailing you. Check email addresses for accuracy and look for signs of suspicious activity, for example if an email is not in the format you'd expect or a name appears to be spelt incorrectly. Email addresses made up of seemingly random combinations of letters and numbers may also be suspicious.
— Don't click on links
Hover over links WITHOUT CLICKING — the destination will show in the bottom left of your screen and you can see whether it looks right. If in doubt, Google the address you need rather than clicking on a link.
— Don't open attachments
Treat any attachment that you didn't request as highly suspect. Send to IT and security team if you're not sure whether its safe and they will check it out for you.
— Check with IT / Security
If in doubt, email your IT and security team. They will let you know whether something is safe to open or click on. It's better to be safe than sorry.
This stuff isn't complicated, but it is incredibly easy to get caught out by a well-crafted spear phishing campaign. Given the sheer amount of email we all receive every day, it's tough to remember to be vigilant. So remember that shark lurking behind you!
Sign up for CIO Asia eNewsletters.