In an era marked by rapid technological advancement, the threat of cybercrime, especially phishing attacks, looms large for companies in the apparel decoration industry. These faceless criminals exploit email vulnerabilities to gain access to sensitive information, such as credit cards, bank details, passwords, and logins. This article aims to empower apparel decoration companies with practical insights to identify, stop, and prevent email scams within their organizations.

Spotting Phishing Emails

  1. Sense of urgency. Be wary and cautious of any email that provides a “link” or creating a false “call to action.” These may be things like:
    1. Verifying your password
    2. Login to claim a rewards payment, etc.
    3. Warning of account activity
      1. You have activity in your bank account or online payment service
    4. You need to retrieve or review a fax, invoice, or other type of attachment
    5. Make a payment to avoid late fees or some type of penalty

*Phishing emails often use a compelling call to action to manipulate recipients.

  1. Mismatched email domains
    1. Check for consistency between the claimed sender (i.e., a bank) and the actual email domain.
    2. The email shows the name of a bank or credit card; however, when you look at the sender, it is from a different email (e.g., it says Wells Fargo bank, but the email has a gmail.com or another non-matching domain email address).
  2. Hyperlinks
    1. Exercise caution with hyperlinks. Phishing attempts often direct users to mock sites to extract login credentials.
    2. Hover over links to preview the destination URL and verify its legitimacy.
  3. Attachments
    1. Avoid opening suspicious attachments, as they may contain viruses intended to infect your computer.
    2. Be particularly cautious if an email prompts you to download an attachment urgently.

Real-Life Example

Recently, I received an email exemplifying these red flags. The urgency was apparent, claiming to be an alert from a familiar service. However, a closer look revealed a mismatched domain and a suspicious URL when the link was hovered over. This real-world scenario underscores the importance of vigilance in the face of potential threats.

email-phishing-attempt

Credit: Thomas Falteich

You will see the following three issues related to this email:

phishing-red-flags

First, it tried to alert me with a sense of urgency.

Second, the email was a mismatch to a Microsoft domain.

Third, when I hovered over the link, you can see it is directing me to a suspicious url.

So how does your company protect itself against such malicious characters?

Preventive Measures

Here are a few simple ways to begin to protect your company.

  1. Multi Factor Authentication (MFA)
    1. Set up MFA on all of your critical accounts (banking, email, credit cards, online payment services). MFA adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, ensuring unauthorized access is thwarted even if login credentials are compromised.
    2. In the event you did accidentally give up your login information, a cyber criminal will not be able to get beyond the login screen. You can log in and reset your password.
  2. Anti-Phishing Software
    1. Integrate anti-phishing software into your organization’s security measures.
    2. Some solutions leverage advanced AI logic to identify phishing emails.
    3. For example, our company successfully detected the suspicious email mentioned earlier, allowing prompt action to mark the email as malicious by our anti-phishing software.
prevent-phishing

Credit: Thomas Falteich

You can see that a highlighted bar was on the email asking me if this was real or fake. I clicked on the “Report as Malicious,” which removed any and all similar emails from our email domain and marked that domain as spam.

Defending your apparel decoration company against email scams is a shared responsibility. By staying vigilant and implementing proactive measures like MFA and anti-phishing software, you can fortify your organization against the ever-evolving tactics of cybercriminals.

Should you have any questions or insights to share, we encourage you to reach out, fostering a community of awareness and resilience against online threats.