Skip to main content

Don’t Fall Victim to a Phishing Attack

By June 1, 2021June 9th, 2021Cybersecurity

Learn How to Recognize and Prevent Phishing Scams

Ninety-one percent of data breaches start with a phishing attack. Don’t let one person or email put your company at risk. With many companies considering flexible work environments even post-Covid, it is important to put education and best practices in place. Here are some basics to help you get started.  

What is a Phishing Scam and Attack?

Phishing is a form of attack that often uses email to get access to your company’s data. The emails are designed to get the victim to feel compelled to take action so that they will hand over sensitive information or download malware to give the attacker access to all sorts of data, records, and more.

The email can be disguised to make it look like it’s coming from a user the victim trusts and includes fake websites while disguising URLs. 

How Can I Recognize and Avoid Phishing Attacks?

There are a few precautions you can take to avoid such attacks. When you get an email, ask yourself these three questions:

  1. Should I be getting this on my work email?
  2. Am I expecting a message like this?
  3. Why is this coming from an unusual address?

If the answers to the first two are no, don’t open it! If you’re questioning the address, it is a good indicator that it’s potentially an attacker attempting to disguise themselves as someone else. You should also check links before clicking on them, and use a URL expander to check shortened URLs as attackers may hide their malicious site behind them.

The most cost effective way to protect against cyber attacks is to continually train and test your employees.

Most Common Examples of Phishing

Email address spoofing and attachment 

Although the subject line makes you want to take action to click into an attachment, the sender’s address is a clear indication that this is not from Amazon due to typos (amzn) and knowing that a message like this most likely wouldn’t come from

phishing attack fake email example


The URL is incorrect, despite looking real. “Amazon” is misspelled. 

phishing attack example url fraud


Fraud can occur in two ways: email and phone.

With email fraud, the attacker attempts to get the victim to reply to an email and provide sensitive information, like your credit card number or bank information. The email might look legitimate but the response gets sent to people who you don’t want having your information. 

phishing attack email fraud bank example

Given the word “phone”, you might assume that phone fraud happens via an attacker calling you. While that is often the case, phone fraud can also start as an email with a request for the recipient to call the attacker. Thanks to a fake phone number, once the call is placed, the caller and their information is vulnerable.

phishing attack phone fraud example

Why You Should Care About Phishing

Phishing attacks can happen to anyone, and it only takes one person from your company to expose your information and put your company at risk. Don’t underestimate the magnitude. Did you know that: 

How Alpine Cyber Can Help You Protect Your Employees and Company From a Scam

We act as your outsourced security team filled with industry experts ready to protect your company by providing: testing and simulations, professional training modules, monitoring and reporting, and informational updates. While technology can’t safeguard everything, we take the approach of educating and training your team so you can stay focused on your customers. 

Need to train your employees? Learn more about our Security Awareness Training and Phishing Testing solutions.

Frank Urbanski

Author Frank Urbanski

Frank worked for 8+ years as a Software and Cyber Security Engineer within the defense industry. At Alpine Cyber Solutions Frank oversees the Security Services line of business. He has his passions set on Incident Response, Automation, and Threat Management.

More posts by Frank Urbanski