6 simple tips to make your business seem trustworthy (and not phishy)

Have you ever considered that you could be a target for phishing attacks? Or, that you might be looking like a phisher? Wait, do you even know what phishing is?

What is phishing?

It’s not a new concept. It’s been there for a while and is only getting better as the time passes. It’s a cybercrime wherein the target(s) is contacted by email, text or phone by someone posing as a legitimate institution to lure individuals into providing their sensitive data such as credit card details, passwords, etc. This information is then used to access important accounts and can result in financial loss and identity theft.

How do the increased number of phishing attacks put your credibility under the radar?

The strategies used are improving so significantly that you can barely distinguish them from harmless communication. A fraction of a second is all it takes to fall into the trap. Since the number of phishing attacks have increased and are common now, your customers are a wary lot. They delete unsolicited messages, they ‘Mark as Spam’ any email that they find suspicious and do not hesitate in clicking ‘Unsubscribe’ if they find your emails ‘phishy’ in any way.

What are the best practices to avoid looking like a phisher?

1) Have a credible domain name

Having a credible domain name goes a long way in building trust and credibility with your customers. Make sure you choose a domain name that makes you look good. For examples, compare www.mobile.tech to www.mobiletech-solutions100.com — you will find the first one more trustworthy and intelligent. So will your customers!

Here are some quick tips on choosing your business domain name:

• Keep it short, memorable and pronounceable
• Make it free of hyphens, numbers, abbreviations and misspellings
• Steer clear of copyrighted names
• Style them to be descriptive of your brand name or business
• Get innovative to make it look intelligent and to build your brand positioning

2) Brand your email id

Nobody trusts business emails that come from a cryptic Gmail id. A report by Google states that 60% of young businesses saw an increase in customer engagement; 42% saw an increase in sales after switching to a professional email address.

So, instead of sending emails from email ids such as kansascity_hotelblue@gmail.com, brand it with your domain name, which could then look like jeff@hotelblue.space.

3) Avoid Mismatched URLs

One of the most common phishing techniques is an email reporting fraudulent activity on your bank account and asking you to verify your information. In cases like these, a bad link can be hidden behind a seemingly legitimate link such as https://yourinformation.com/verify_account, to trick people into accessing unsafe websites by downloading malware.

A mismatched link means that the URL a recipient is directed to does not match the URL text used in your content. Unintentionally, you might ending doing this in your HTML email campaigns with clickable URL addresses. Email services that scan incoming mail for suspicious content will see this as deceptive linking and your email may go to the recipient’s junk folder, or it could go missing altogether.

4. Authenticate Your Email

The actual process of transmitting email messages between servers was not designed with security in mind. Phishing emails typically use spoofing to mislead recipients about where the email was sent from. A ‘spoofed’ email is a message that looks like it’s coming from a trusted source when it’s actually a fraud. Authenticating your emails validates your identity as the sender.

In fact, if Gmail is not able to authenticate your email, your profile picture will be a question mark in all the emails that you send out. This email authentication process is one of the ways for the receiver to know if your email is authentic or a phishing attempt.

Listen to this episode on Reply All podcast by Gimlet Media to know how easy it is to get phished over email:

#97 What Kind of Idiot Gets Phished? by Reply All

5. Perfect your language and grammar

The easiest way to look phishy is to use wrong spellings and grammar in your emails. Typos make it very easy for customers to not trust your email. So check and then double check your email content for any errors that need fixing.

6. Don’t ask for personal information on email; and if you do, follow the decorum.

There are instances where you have to request your customers to update their information or reset their passwords. Such emails often sound suspiciously similar to the hoax messages sent by phishers.

Maintaining a good sender reputation and email authentication are some of the guaranteed ways to make it to the customers’ inbox. However, it is important to make the email look trustworthy. So, the content of your message matters. Here are some tips on how to frame your content.

• Clearly explain the situation that has caused your business to send this urgent/important message. Actual phishing emails are generally pretty vague.
• Phishers don’t personalize their emails with recipient’s names or things like customer IDs because they typically don’t have this information. If you do, use it.
• If you need recipients to proceed to a website, make sure it’s the one they know and trust.
• Authentication aside, your “From” name and email address should accurately identify who is sending the email. Let it be a person and not an info@ or contact@ email id.
• Including a physical postal address helps as it’s typically something phishers won’t do.

Phishing attacks are one of the most common security challenges that both individuals and companies face in keeping their information secure. Taking relevant precautions and regularly updating your customers on how to avoid such attacks are some of the best ways to stay safe.