Don’t Fall for a Phisher's Bait



Every type of business is a potential target for scammers using email to steal personal information or do serious damage to computer systems.


Whoever said crime doesn’t pay apparently hadn’t heard of phishing—the hacking technique that targets a company’s e-mail system to steal personal information or lock it down in exchange for a ransom. According to the FBI, hackers made off with more than $675 million through “business e-mail compromise” in 2017.


Think your employer is too small to warrant a phishing expedition? Every type of business is a potential target of phishing attacks, the Securities and Exchange Commission said in a recent report. The fake e-mails don’t have to be sophisticated to do serious damage, either. All it takes is for one employee to respond to an offer of a free salted caramel latte to send a company’s computer network into a tailspin.

To avoid being that employee, stay alert for signs that an e-mail may be coming from an unsavory source. Looking beyond the sender’s display name is the most effective way to identify a phisher, says Debraj Ghosh, head of Microsoft Security Product Marketing. Closely examine the user name and domain name, especially the spelling, Ghosh says. If you receive an e-mail from “,” for example, mark it as spam and move along.
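
The sender check described above, written as a function a mail filter could run on each From: header. This is an added example, not part of the original article; the trusted-domain list, the sample headers and the two-character spelling threshold are assumptions.

```python
import re
from email.utils import parseaddr

# Assumption: domains this organisation really receives mail from (constructed).
TRUSTED_DOMAINS = ("examplebank.example", "payroll.example")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(from_header):
    """Return warnings for one From: header; an empty list means nothing was flagged."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return ["no parseable address"]
    domain = addr.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return []
    warnings = []
    # A near-miss spelling of a trusted domain (one or two characters off).
    for trusted in TRUSTED_DOMAINS:
        if edit_distance(domain, trusted) <= 2:
            warnings.append(f"domain {domain} resembles {trusted}")
    # A display name that shows an address at a different domain than the real one.
    shown = re.search(r"[\w.+-]+@([\w.-]+)", display)
    if shown and shown.group(1).lower() != domain:
        warnings.append(f"display name shows {shown.group(1)} but mail is from {domain}")
    return warnings

# Constructed sample headers: one legitimate, one misspelled domain,
# one display name posing as a trusted address.
SAMPLES = [
    'Payroll <notices@payroll.example>',
    '"Example Bank Support" <support@examp1ebank.example>',
    '"it-helpdesk@examplebank.example" <it-helpdesk@mail-login.test>',
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header) or "ok")
```

The From: header itself can be forged, so a check like this complements SPF, DKIM and DMARC validation at the mail gateway and does not replace it.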