top of page

Avoid Email Phishing: Tried and True Steps to Protect Your Small-Business

  • Writer: Brittany McKenna
    Brittany McKenna
  • Feb 28, 2024
  • 2 min read

Updated: Feb 29, 2024

Email phishing is all too common. This post will support you in recognizing email phishing and how to take steps toward protection.



woman checking email on phone


What is phishing?


At its most basic level, phishing is fraud. Email phishing is illegal attempts to get you to send compromising data (think usernames and passwords, SSNs, etc.), click on links, or download malware onto your computer. Ultimately, it works so scammers can log into your accounts, gain access to your personal or company information, and steal from you. They may steal your money or your identity, and it happens more than you think.


This infographic from the Federal Trade Commission shows the damage done by scammers in 2023.

infographic explaining ways in which people were scammed in 2023
Federal Trade Commission's Scams of 2023 Infographic

Bummer, right? But you can protect yourself and your company from scams like this!


How to Spot an Email Phishing Scam

Sense of Urgency

Emails that demand urgent action are attempting to get you to ignore your critical thinking skills and start acting foolish.


What to do: Stop and think!

Think: Would this person/company typically rush me like this? If they aren't your boss and hounding you about a deadline, the answer is probably no. Treat this like a scam.

Spelling, Grammar, and Formatting issues

Look for errors in these areas:

  • Spelling: Perhaps the spelling closely matches a brand name but is a bit off, or random words are misspelled, and it doesn't look like a typical typo

    • ie. Arnazon instead of Amazon

  • Sentence context: Does it sound like a native English speaker wrote it, or could it be from a translation site? Are words used in the proper contexts?

  • Lack of editing: If you are emailed from a company, this email should have been copy-edited. If it feels amiss, chances are it could be!

  • Formatting: If the overall look of the email looks unprofessional, is off-center, or logos seem to be fuzzy or placed incorrectly, these are all signs that this is a phishing scam.

Generic or Unfamiliar Greeting

Inconsistencies in Email, Domain Name, and/or Link

Suspicious Attachments

Requests for Login Information, Payment Updates, or Other Sensitive Data

It Seems Too Good to be True



So, how do you protect yourself and your company from phishing scams?

  • Train and retrain your employees

  • Your company is only as strong as your most vulnerable employee, so use the software, the multi-factor identification, and make sure you continue to talk about phishing scams and how to recognize them. In fact, maybe send them this blog post!

  • Enable Multi-Factor Identification

    • Most major email hosting should offer multi-factor identification. This is the easiest and most practical way to keep unauthorized persons out of your mailbox.

  • Let the software help! These are a couple of HDH Consulting's favorite partners:

    • Proofpoint is a cloud mail filter that intercepts messages between mail servers and the client-side mailbox (like a person filtering your mail in the post office)

    • IRONSCALES is an email security platform that scans data to look for threats


At HDH Consulting, we are always here to discuss your email security and see how we can help. Let us be your partner in IT management!

Comentários

bottom of page