In this day and age, an email can be enough to shut down your entire business. This is why it is important to have good habits when it comes to opening emails. Here's a list of the most important steps your employees can take to make sure emails and attachments are legitimate:
- Always check the name of the sender and make sure the domain in the email address matches.
For example: If the name of the sender is Lenmark, then the email address should be in the lenmark domain like so: email@example.com
- Always check links to make sure that the address matches the entity. So for example if you received a google drive link then it should look like https://drive.google.com/xxxxxxxxxx . To check links inside emails just hover your mouse cursor on the link. Then it will be visible in the bottom left of your inbox window and it might pop out above your cursor depending on the software you are using.
- Pdfs, jpegs, pngs, zips, xls, docx and pptx files are all fine to open. You should not open .html files, .exe files or dll files. Should you open a compressed archive (zip file) then the contents are subject to the same method. Do not open .html, .exe or dll files without your IT's approval.
- If you opened a PDF file and it contains a link, do not open the link without your IT's approval. Sometimes these links take you to pages that attempt to phish your account information
- Any emails that seem legitimate and ask for any kind of authentication (email or password) should be brought to your IT's attention.
- If your passwords never expire make sure to let your employees know. Some phishing emails use the "Your password expired" tactic.
- Some phishing attempts also use storage space as a tactic. Make sure that your IT department is always on top of storage space for your email addresses and these emails can be ignored.
- General rule of thumb is that if the email is badly written then it is probably a scam.
- If the images in the email are blurry then it is probably a scam.
I hope this information can help secure your email-based communications.