Grace Hill Training Tip of the Week
How to Avoid Email Phishing Scams

This October is the 15th annual National Cybersecurity Awareness Month. What better time to focus on promoting cybersecurity awareness within your company?
Email is one of the most used electronic technologies, with billions of messages sent each day. Email is also the most popular and effective method of cyber attack. In the first half of 2017, one in nine email users encountered email malware, and users encounter threats that come through email twice as often as any other method of infection. A common misconception about cyber attacks is that they involve sophisticated tools and tactics to hack into computers and steal data. Not true! Criminals have learned that it’s much easier to take advantage of human nature and trick people into making a mistake.
Email phishing is the number one method of a cyber attack. Its effectiveness lies in criminals using simple deception to take advantage of common human behavior. We tend to want to trust people and this is what criminals are banking on. A common phishing attack strategy is to send out an email that appears to be from a trusted source. The email may ask the recipient to reset a password or submit other personal information. When the recipient clicks on the link and enters their current password information, the hacker has it.

If you think it’s obvious and everyone knows about phishing attempts, think again. Data show that in 2016, 1 in 14 computer users clicked on a malicious link or attachment and 25% of them did so more than once. And once the “door was opened”, in 95% of the cases, malware was installed on the computer to steal data.
Scammers will often make you believe that they need your information quickly, or something bad will happen. They tell lies to get to you to give them sensitive, personal information. Phishing emails may appear to come from a real financial institution, online shopping site, government agency, or any other service, business, or individual. But what they typically have in common is they take advantage of our likelihood to “click first and ask questions later.”
As with all cybersecurity issues, your best defense against getting caught by a phishing scam is common sense. To protect yourself from phishing scams make sure you:
- Are careful about what you download to your computer.
- Keep software and security patches up to date.
- Don’t click on links sent in unfamiliar or suspicious emails, tweets, posts, online ads, or attachments.
- Do not use personal email accounts for company business
If you receive a phishing email, forward it to spam@uce.gov – and to the organization impersonated in the email. And remember – if something seems too good to be true, it probably is!
Contact Grace Hill at 866.472.2344 to hear more about our new Cybersecurity course series for employees and supervisors, which is tailored to the property management industry.