Essay Sample on Detecting Phishing Emails: Employee Awareness is Key

Introduction

Phishing is one type of identity theft online. Phishing is done by sending email messages to the email users. They mostly claim to be from companies or individuals that are known and likely to be trusted and ask for confidential information. This information can be used to access financial accounts of the individuals. There are different ways in which an individual can detect phishing emails. Employees must get to know about phishing emails.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

A phishing email can be detected as they have certain characteristics. The following characteristic helps to know a phishing email , requests of very confidential and sensitive information. Genuine companies or individuals rarely as for confidential information ( Gupta, Tanbeer, & Mohandas, 2017). Asking for the confidential information aims at deceiving the victim into easily trusting the phisher. There is the use of promises that are not realistic. The promises that are given are too good to be true. In the presented scenario, the phisher promises three hundred dollars weekly. The earning method is said not to interfere with the victim's employment. The higher-earning given weekly is too much to be realistic.

The phishing email shows a sense of urgency. The urgency mainly serves to deny the victim time to think logically as once replied; the phisher has some information which they did not otherwise have. The phisher in the scene claimed to have used it and earned good money which may make the reader find urgency in trying as well.

It is important to educate employees about the phishing as this will help them to know the elements commonly found in the phishing email so that they can easily spot them. They are also able to see the risk associated with clicking on link and emails, especially if they are from unknown sources ( Peng, Harris, & Sawa,2018). The employees are also educated on what to do should they suspect that an email phishing. Employees are also able to know the dangers of providing essential company information.

The following recommendations need to be put in place, and they include preventing the phishing. Preventing is where the phishing is stopped before it reaches the victim (Ho et al.,2019). Prevention can be done by blocking or blacklisting the sites. The method used to do this is looking at the URLs and other websites in which they claim to be found by use of machine learning or even manually.

The other recommendation is the use of detect phishing. A method needs to be sought that will either indicate to the user when they are getting into phishing sites to avoid giving essential information or identify them so that they do not work even when the user logs into them. Web browsers also need to have defences against the phishing sites. The defences may include the use of information that pops up, indicating that a certain site is not safe. Even though this may be ignored by some people, to others, it may give a hint to think logically.

It is also important to have stakeholder training. The stakeholders will be trained to avoid falling into certain phishing traps. Such training needs to be often carried out to educate on the current phishing methods used. Stakeholders also need to be trained on visiting the programs teaching on phishing to keep updated about such sites.

Conclusion

In conclusion, there are different ways in which phishing can be detected. It is also essential to educate the employees to prevent them from falling into the trap of giving confidential details. Several measures can be put in place to avoid the effects of phishing emails.

References

Gupta, D. S., Tanbeer, S. K., & Mohandas, R. (2017). U.S. Patent No. 9,621,566. Washington, DC: U.S. Patent and Trademark Office.

Ho, G., Cidon, A., Gavish, L., Schweighauser, M., Paxson, V., Savage, S., ... & Wagner, D. (2019). Detecting and characterising lateral phishing at scale. In 28th {USENIX} Security Symposium ({USENIX} Security 19) (pp. 1273-1290).

Peng, T., Harris, I., & Sawa, Y. (2018, January). Detecting phishing attacks using natural language processing and machine learning. In 2018 IEEE 12th International Conference on Semantic Computing (ICSC) (pp. 300-301). IEEE.