The latest example of this used Netflix as a springboard. Recently, Netflix began making noises about an upcoming rate hike. Hackers pounced, crafting an email that appeared, at first glance, to be from Netflix, asking users to verify their account information. The email used the company’s logo, and a URL that looked as though it could plausibly have come from the company.
Of course, there were some problems with the email. The syntax in the body of the email is clearly amateurish and would, in no way, come from the company itself, but honestly, when most people get an email like that, they seldom look too closely, and are more interested in making sure their streaming service doesn’t get shut off.
As with any phishing scam, it pays to pay attention, and even if and when an email looks legitimate, rather than clicking the embedded link, you’re much better off opening a new browser tab and manually type in the address. Doing this will virtually guarantee that you never fall victim to a phishing scam, no matter how sophisticated it might be.
While most people know this, it’s easy to forget, and details like these, coupled with examples like this most recent one with Netflix, are perfect to use in your company’s refresher training where email security is concerned.
How long has it been since your firm last had digital security training for all employees? When is your next one scheduled? Whenever it is, be sure to include this example, or one like it when it comes to email security.
One careless moment could expose your company’s proprietary data. Don’t let that happen to you.