For most of us, it’s hard to remember when the term “phishing” wasn’t a part of everyday language. Yet, recognizing an email phishing scam is harder than you might think. Email hackers are great at pretending to be someone you know or an organization you are likely to interact with. They use this disguise to trick you into sharing valuable information or downloading malware. The key to avoiding this type of attack is to recognize the bait. Below, we’re serving up eight tips to help you recognize and avoid email phishing scams.

TIGHTEN YOUR DEFENSE AGAINST PHISHING SCAMS

Modern phishing scams are sophisticated and hard to detect. They depend on you to miss small details or act quickly when pressured. Reacting to a phishing email is like opening a locked door and inviting a hacker into your system.

Use these 8 tips to keep your organization safe:

  1. Verify the sender’s email address. When you get an unusual email from someone you know, check the sender’s email address (in the “From” field at the top of the email) against previous conversations to ensure it’s exactly the same. If it’s off by even one letter, delete it.
  2. Watch for poor spelling. Spelling and grammar errors are often a sign of fraudulent activity. Misspellings are especially common in sender email addresses.
  3. Never give out sensitive information. Responsible businesses know the dangers of cybercrime and avoid asking for personal information. Never share personal information through email.
  4. Be wary of urgent messages. Emails that suggest you need to immediately respond are designed to play on your emotions and compel you to take action before you can investigate the situation or even realize the email may be bogus.
  5. Call to verify requests. When you’re unsure about an email request, take a moment to call the sender for confirmation. Whether it’s an association administrator or a club member, they’ll likely appreciate your caution.
  6. Avoid opening unsolicited attachments. Attachments can introduce malware or allow a hacker to gain access to your system with a single click. Never open an attachment you weren’t expecting without first confirming with the sender.
  7. Verify hyperlinks. Hyperlinks are convenient, but they’re not always honest. A hacker can create a hyperlink that says anything they want it to. Before clicking any link in an email, hover over the link to see a popup of the web address to ensure it is legitimate. When in doubt, directly search for the website yourself.
  8. Report suspicious emails to your organization. An attacker targeting you is likely to turn to a similar target if you don’t take the bait. When you’re unsure about an email’s validity, report it to your manager for further investigation.
ARE VOLLEYBALL CLUBS A TARGET FOR PHISHING EMAILS?

Unfortunately, they are. Your club operation is similar to that of a small business in that you gather and store personal information and collect payment for various membership requirements. Data theft is the goal of 85% of phishing attacks, leading attackers to focus on any organization likely to collect personally identifiable information (PII). Your ability to recognize the signs of a phishing scam can prevent attackers from stealing and selling your members’ personal information and can save you a lot of aggravation.

CLOSING THE BLOCK: CYBERSECURITY HOT TIP

Never click “Unsubscribe” on emails.
While clicking “unsubscribe” seems like a convenient way to opt out of unwanted emails, it can be a trick in phishing scams. In a best-case scenario, clicking unsubscribe shows scammers your email is active, making them likely to send more emails. In a much worse situation, the unsubscribe button could be a phony link that immediately infects your device with malware. Instead of unsubscribing to unwanted emails, mark them as spam and let your email carrier take care of the problem.

View more technology related education here.

About the Author
Brad Preston is a client advisor at World Insurance Associates (World) specializing in the Sports industry. Prior to World, he spent more than 20 years at Advanced Event Systems and SportsEngine where he worked closely with the JVA and other member clubs in the volleyball space. He is well versed in club operations, staff, and member management, and most importantly, the use of technology and its inherent cyber risks. The JVA and World have partnered together to bring JVA Members educational articles and content to help you learn about your unique cyber risks and exposures, and how to better protect your businesses, members, and families in general. Feel free to reach out to Brad directly with any questions at bradpreston@worldinsurance.com