SSST #40 – Turn Off Your Brain’s Autopilot Feature

Freely do I confess to you that there are times throughout the day when I put my brain on autopilot. But who among us doesn’t?

Unfortunately, while sliding our minds into self-driving mode has its advantages (for example, it lets us multitask better), it’s also a risk-strewn practice.

It’s risky because it can distract us from scrutinizing incoming emails for telltale signs of a phishing attack.

And unless you’re paying attention, you may mindlessly open baited emails and then hook-line-and-sinker download their malware-laced attachments or click on their lethal links.

That’s why you have to turn off your brain’s autonomous control mechanism when perusing emails.

With yourself back behind the mental wheel (and your psychological hands firmly gripping it at the 10 o’clock and 2 o’clock positions), you’ll be more likely to spot these indicators of phishyness.

1. Requests for confidential personal or financial information. My personal favorite is the one where the sender sheepishly confesses to having lost my Social Security number and would I please be a sport by “resupplying” it.

2. Unusual “from” or URL addresses. A real email from, say, your bank might have an address along the lines of “[email protected]” as opposed to “yourbank_customer[email protected]” or “[email protected]/LOL_sucker.”

3. Attachments and links. Never download or click these without first confirming, by phone to a trusted number in your Rolodex or via a reply to a known-valid email address, that the purported sender actually did, in fact, send the email in question. Tournament-level phishermen know how to counterfeit with stunning accuracy the appearance of emails from your family, friends, colleagues, and companies with which you do business.

4. Misspellings and poor grammar. Emails containing language gaffes are rarely sent by legitimate businesses and government entities. Cybercrooks, however, are far more eager to con you than to impress you with eloquence or dictionary skills. 

Bottom line: phishing is a serious cyber threat to you and your firm, but you can defend against it. Learn how by checking out this page: