What is phishing?
Phishing is a form of cybercrime where an attacker poses as a legitimate institution or a known person to trick an individual into sharing sensitive information such as bank account numbers, usernames and passwords, credit card details or other personally identifiable information (PII).
How to prevent phishing attacks
Top tips to prevent phishing scams are part of a multi-layered cyber security strategy that incorporates:
- “Thinking before clicking”—educating users to recognize and report phishing, e.g., suspicious email addresses, generic greeting (Hi there!), an unusual email or instant message, grammatical errors, links outside of the organization, an effort to create panic so as to prompt hasty action.
- Segmenting networks to keep highly sensitive data restricted, making it more difficult for cyberattacks to penetrate.
- Auditing the cybersecurity environment to assess vulnerabilities, identify emerging threats, and develop defensive strategies.
Installing technology to scan all inbound email in real-time and block users from clicking on links to suspicious websites, sandbox and scan all attachments for potential security risks, and identify suspicious URLs before they are released to users.
Stop phishing emails with superior protection
As email threats continue to evolve, it takes increasingly powerful technology to stop phishing emails and prevent spear phishing attacks from damaging your organization. Hackers continue to devise new forms of email phishing scams designed to trick users into wiring money to fraudulent accounts or divulging sensitive data like passwords, credit card numbers, bank account information and Social Security numbers.
While many companies have tried to stop phishing emails by training employees on ways to spot suspicious email, nearly one-quarter of phishing emails are nevertheless opened even after employees have been trained about the most common phishing techniques. That means, to truly stop phishing emails, you need technology that can eliminate the possibility of human error and automatically prevent phishing attacks from reaching your users' inboxes.
Choose a multilayered defense to prevent phishing attacks
As phishing email scams continue to successfully breach security defenses, more organizations are adopting a multilayered approach to security strategy in order to prevent phishing attacks.
Cyber phishing attacks typically begin with an email message that appears to come from a well-known or trusted company – social websites, financial institutions and shipping companies are frequent sources. The email directs the recipient to visit a website infected by malware, or a bogus website that asks the user to divulge sensitive information like passwords, Social Security numbers, credit card information and other confidential data. Spear-phishing, a more targeted phishing threat, focuses on a specific individual or role in the company and uses additional social engineering techniques to create more familiarity with the recipient.
Mimecast email security solutions can help to prevent phishing attacks with cloud-based services that block malicious attachments and URLs and with end-user empowerment services that promote greater phishing awareness among employees.
Mimecast technology to stop phishing emails
Mimecast Targeted Threat Protection, part of Mimecast's email security solutions, scans all inbound email in real-time to stop phishing emails and other advanced threats. As a cloud-based service, Mimecast requires no additional infrastructure or IT overhead to stop phishing emails – protection can be activated quickly and easily through the cloud platform. Mimecast provides protection on and off the corporate network and on mobile devices while creating no disruption for users.
How Mimecast solutions stop phishing emails
To stop phishing emails, Mimecast Targeted Threat Protection provides three levels of defenses against the most dangerous techniques used in phishing attacks.
URL Protect offers phishing protection against malicious links in messages by scanning all inbound email in real-time and blocking users from clicking on links to suspicious websites. Mimecast scans links in both live and archived emails on every click to defend against delayed attacks.
Attachment Protect helps stop phishing emails containing weaponized attachments by pre-emptively sandboxing them and performing security checks before they are delivered to employees. Mimecast can also transcribe attachments to a safe file format that neutralizes any malicious code.
Impersonation Protect scans inbound emails in real-time to stop phishing emails that may appear to be sent from a trusted source or legitimate business contact. Mimecast searches the header, domain information and body content for signs of social engineering techniques commonly used in whaling and CFO fraud attacks. Suspicious email may be blocked, bounced or tagged with a warning.
In addition to technology to stop phishing emails, Mimecast's email security solutions can also defend against malware, spam, data leaks and other advanced security threats.
Learn more about how to stop phishing emails with Mimecast, and about solutions for Office 365 phishing and virus ransomware
FAQs: Stop and prevent phishing emails
How does phishing work?
Phishing may be carried out via email, text messages or social media, and attempts to get a victim to click on a link that appears to be connected to a known business or entity. Frequently, that link will take victims a fake website that has the look and feel of a legitimate site or a site with which they are familiar. Victims are then asked to provide information such as bank account numbers, passwords or other sensitive information that can be used to steal identities, money and information.
How to spot phishing emails?
The following clues indicate that an email may actually be a phishing scam:
- The email is not addressed to a specific person but rather uses a generic greeting such as “Dear customer.”
- The email encourages you to click on a link.
- The email contains grammatical errors.
- The email asks you to confirm personal information.
- The email contains a suspicious attachment.
- The email is written to create panic and encourage you to act quickly.
- The email has a fake invoice attached.
- The email contains an offer that seems too good to be true.
- The email includes claims there’s a problem with your account or your payment information, or that there have been too many login attempts or suspicious activity on your account.
- The email has a mismatch between email addresses or URLs that appears in the body of an email and the address shown when you hover your cursor over it.
How to prevent phishing attacks from entering my mailbox?
To prevent phishing attacks from reaching end users, companies can deploy a variety of protective measures that include:
- Anti-malware and anti-spam protection that filters incoming email and blocks phishing attacks from reaching users.
- DNS authentication measures that use DMARC, SPF and DKIM protocols to identify and stop suspicious messages.
- Email scanning and filtering technologies that scan all email and prevent users from clicking on malicious links or opening weaponized attachments, and that identify malware-less attacks that use social engineering techniques to impersonate a trusted source.
- Two-factor authentication protocols that prevent attackers from using information they’ve stolen to access accounts.
How to stop phishing emails?
Preventing phishing requires a multi-layered approach to email security. This begins with security awareness training that helps employees to recognize the signs of a phishing email and to avoid divulging sensitive information. Using powerful filtering tools that identify phishing or impersonation attempts can help to prevent phishing emails from reaching employees’ inboxes. Security tools that scan email attachments and URLs within emails can help to neutralize malicious links.
What to do if I can’t prevent phishing attacks?
It’s unlikely that you’ll be able to prevent phishing attacks 100% of the time. If you happen to click on a link or provide information on a site you believe to be part of a phishing attack, you should immediately take these steps:
- Disconnect your computer from the Internet to prevent any malware installed on it from spreading or from communicating with attackers.
- Let your company and your IT department know what happened as soon as possible so they can limit the damage.
- Scan your computer for any malware or viruses that the phishing attack may have downloaded.
- Change your login information on accounts that may be compromised by the information you have given to prevent attackers from gaining access your accounts.
- Report the phishing attack to the Federal Trade Commission (ftc.gov/complaint), the Cybersecurity and Infrastructure Security Agency (phishing-report@us-cert.gov) and the Anti-Phishing Working Group.
What is phishing vs. spear-phishing?
Spear-phishing is a type of phishing attack that is much more personalized to the victim. Where phishing attacks cast a wide net, spear-phishing attacks are usually targeted at a one individual at a time. Spear-phishing typically uses social engineering tactics, where attackers learn about a victim from social media sites such as LinkedIn, Facebook or Twitter. Attackers use this information to send an email that appears to be from someone familiar and which encourages the target to divulge sensitive information or wire money to a fraudulent account.
