Phishing attacks are more rampant than ever before, rising by more than 162 percent from 2010 to 2014. They cost organizations around the globe $4.5 billion every year and over half of internet users get at least one phishing email per day.
The best defense companies have against phishing attacks is to block malicious emails before they reach customers with the DMARC (Domain-based Message Authentication Reporting and Conformance) standard. Brands must also work with a vendor that can offer email threat intelligence data revealing attacks beyond DMARC (e.g., attacks that spoof their brand using domains outside of the company’s control).
Unfortunately, no matter what companies do, some phishing emails will always make it to the inbox. And those messages are extremely effective—97% of people around the globe cannot identify a sophisticated phishing email. That’s where customer education comes in.
Here are 10 tips on how to identify a phishing or spoofing email. Share them externally with your customers and internally with your company.

Tip 1: Don’t trust the display name
Tip 2: Look but don’t click
Tip 3: Check for spelling mistakes
Tip 4: Analyze the salutation
Tip 5: Don’t give up personal information
Tip 6: Beware of urgent or threatening language in the subject line
Tip 7: Review the signature
Tip 8: Don’t click on attachments
Tip 9: Don’t trust the header from email address
Tip 10: Don’t believe everything you see