Phishing Tactics and Email Security

scam button on computer conceptualizing email security

Malicious hackers use phishing as a malware tactic to pull off profitable scams with viruses and trojans. According to the Data Break Investigation Report (DBIR), phishing was responsible for 36 percent of online threats over the past year, an 11 percent increase from the previous year. 

Without ironclad email security practices, businesses are dangerously vulnerable to phishing tactics.

What Is Phishing?

Phishing attacks are small trojan programs that access your personal information while browsing a website or accessing your email.

Cybercriminals design these programs to steal your personal information, such as your bank and credit card information, without you even knowing. 

The common features of a phishing scam are:

  • Emails that inform you of suspicious login attempts
  • Fake invoices for services you did not order or receive
  • Fake security emails that ask you to confirm your identity
  • Emails that claim failed payment for services you did not order

Bad actors who implement phishing tactics present themselves as institutions you trust and ask you to share your personal information. They do this via SMS or email by encouraging you to click on a link and fill out your personal information or answer security questions.

Phishing incidents have been increasing with the rapid and widespread use of the internet. They will commonly disguise themselves as legitimate links, and their presentation has become more convincing over the years.

What Are Common Phishing Tactics?

Phishing scams are becoming more common as technology develops.

The most common phishing tactics are:

  • Deceptive Phishing
  • Whaling
  • Vishing

Deceptive Phishing

Deceptive Phishing is one of the most common phishing tactics. With this tactic, hackers masquerade as the institutions you trust to steal personal information from individuals by sending emails or SMS messages.


Whalers target a company’s top employees and executives. They capture the login details of top executives and conduct CEO fraud by using their accounts to authorize illegal wire transfers.


Vishing is different from other email-focused phishing tactics because it is carried out over the phone.

Instead of sending emails to users, hackers activate an internet voice protocol server (VoIP) that impersonates various entities to steal sensitive data from individuals.

How Can You Best Avoid Phishing for Email Security?

Although most people encounter phishing scams, they can be easily avoided if you have the right protocols in place.

Nouvustek has a specialized IT management and support team that prioritizes email security. Here are our tips to help you avoid falling victim to phishing scams.


Never enter your personal information in a pop-up window that you do not recognize or trust. If possible, limit pop-ups on your internet browser.


Make sure your security text is HTTPS and not HTTP. HTTPS links are encrypted and originate from a trusted source.


Make sure that the firewalls you have installed on your computer are active. Desktop firewalls should be sufficient for personal use, but companies need more robust network firewalls.

Need Help with Email Security?

When it comes to phishing, prevention is the best method of email security. Businesses are only as protected as their weakest link because phishing targets anyone within the organization. Contact Novustek today for more information on securing your data!