Phishing is one of the most common types of cyberattack. Its aim is to fraudulently obtain confidential user data, such as passwords, credit card numbers, or login details for various services. Fraudsters impersonate trusted institutions, such as banks, social networking sites, or IT service providers, to trick users into providing sensitive information. Phishing attacks can affect both individuals and companies, exposing them to huge financial and reputational losses.
In this article, we present effective methods of protecting your mailbox and ways to increase cybersecurity for both businesses and individual users.

How to recognize phishing?
Phishing attacks are constantly evolving, with cybercriminals using increasingly sophisticated methods. In addition to traditional phishing attempts such as fake emails and malicious links, new techniques have emerged:
- Deepfakes and AI – fraudsters use artificial intelligence to generate fake voice and video recordings, impersonating employers, clients or family members.
- Social media phishing – cybercriminals send messages pretending to be well-known brands or friends, encouraging you to click on suspicious links.
- Vishing (voice phishing) – fraudsters call and pretend to be representatives of banks, offices or IT companies, trying to obtain data by deception.
- QR code phishing – emails containing QR codes that, when scanned, lead to fake login pages.
To avoid fraud:
- Always verify the identity of the person you are talking to, even if you are contacting them by telephone or video conference.
- Never provide login details on sites opened from links in emails or messages.
- If you have any doubts, please contact the institution directly using the official website or phone number.



Who is at risk of a phishing attack?
Phishing does not choose its victims – it can affect any Internet user, both individual and business. Particularly vulnerable are:
- Company employees – fraudsters often target organizations to gain access to confidential data.
- Online banking users – obtaining login details to bank accounts is one of the main goals of cybercriminals.
- People using social networking sites – attacks on Facebook, Instagram and Twitter are becoming more and more frequent.
- IT administrators – they can become a target for attackers seeking access to company infrastructure.

How to effectively secure your mailbox?
a) Use strong passwords and two-factor authentication (2FA)
Many users do not realize how easy it is to crack their passwords. Examples of weak passwords:
- 123456, password, qwerty, admin – these are the most obvious passwords and the first ones attackers try.
- Janek1990, AnnaKowalska1 – using names, surnames and dates of birth is risky because this data can easily be found on social media.
- Password123!, Qwerty!@ – adding one special character or number to a simple password does not make it secure.
How to create a strong password?
- Use a minimum of 12 characters, preferably random combinations of letters, numbers and special characters (e.g. gT4@9!zY#hQ).
- Avoid repetitions and do not use the same password on different sites.
- Take advantage of a password manager, which stores and generates secure passwords for you.
- Turn on two-factor authentication (2FA), using authenticator apps such as Google Authenticator or hardware keys like YubiKey.
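The weak-password patterns listed above can be checked mechanically. The following Python sketch is an added example, not part of the original article; the short COMMON_BASES list stands in for a real common-password list, and the function names and the personal-data tokens passed in are assumptions.

```python
import re
import secrets
import string

# Assumption: a tiny stand-in for a real list of common passwords.
COMMON_BASES = {"123456", "password", "qwerty", "admin"}
SYMBOLS = "!@#$%^&*"

def weaknesses(password, personal=()):
    """Return the reasons a password is weak; an empty list means none found."""
    reasons = []
    if len(password) < 12:
        reasons.append("shorter than 12 characters")
    # Strip trailing digits and symbols: 'Password123!' is still 'password'.
    core = re.sub(r"[\d\W_]+$", "", password).lower()
    if password.lower() in COMMON_BASES or core in COMMON_BASES:
        reasons.append("common password or a decorated variant")
    # Names, surnames and birth years that can be found on social media.
    for item in personal:
        if item and item.lower() in password.lower():
            reasons.append(f"contains personal data: {item}")
    return reasons

def generate(length=16):
    """Generate a random password containing all four character classes."""
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw) and any(c in SYMBOLS for c in pw)):
            return pw

if __name__ == "__main__":
    for candidate in ("Password123!", "Qwerty!@", generate()):
        print(candidate, weaknesses(candidate))
    print("Janek1990", weaknesses("Janek1990", personal=("Janek", "1990")))
```

Note that Password123! passes the length check and is still rejected, because removing the trailing digits and symbol leaves a common password.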
b) Check the sender and content of the message
- Never open attachments or click on links in emails from unknown senders.
- Check the sender's email address carefully – scammers often use addresses that are very similar to the original ones.
- Look for typos, errors, and suspicious language that may suggest the message is from a scammer.
c) Use anti-phishing filters
Anti-phishing filters are tools that automatically identify and block suspicious emails before they reach your inbox. They work by analyzing the content, sender, and links in the message. They significantly reduce the risk of receiving a fake email. Most popular email providers offer built-in anti-phishing filters that can be further configured for better protection.
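To show what analyzing the content, sender, and links means in practice, here is a minimal filter in Python. It is an added example, not the logic of any real mail provider; the trusted domain and the sample message are constructed, and the two phrases are the sample phrases this article uses for its Gmail filter.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed values: hypothetical trusted domain; phrases from this article.
TRUSTED_DOMAINS = {"examplebank.com"}
PHRASES = ["your account will be suspended", "urgent payment required"]
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_message(raw):
    """Return the reasons a raw RFC 5322 message looks like phishing."""
    msg = message_from_string(raw)
    body = "".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                   for p in msg.walk() if not p.is_multipart())
    findings = []
    # Sender: one or two edits away from a trusted domain is a lookalike.
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for trusted in TRUSTED_DOMAINS:
        if domain != trusted and edit_distance(domain, trusted) <= 2:
            findings.append(f"lookalike sender domain: {domain}")
    # Content: pressure phrases.
    findings += [f"suspicious phrase: {p}" for p in PHRASES if p in body.lower()]
    # Links: the visible text names one host, the href points to another.
    for href, text in LINK_RE.findall(body):
        shown = re.search(r"[\w.-]+\.[a-z]{2,}", text.lower())
        target = (urlparse(href).hostname or "").removeprefix("www.")
        if shown and shown.group(0).removeprefix("www.") != target:
            findings.append(f"link text {shown.group(0)} points to {target}")
    return findings

# Constructed sample message, not real traffic.
SAMPLE = """From: Example Bank <support@examp1ebank.com>
Subject: Action needed
Content-Type: text/html

<p>Your account will be suspended. Log in at
<a href="http://login.example.net/verify">www.examplebank.com</a></p>
"""
```

Calling check_message(SAMPLE) reports all three signals: the lookalike sender domain, the pressure phrase, and the link whose visible text does not match its real destination.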
How to enable an anti-phishing filter in popular email services?
Gmail:
- Open Gmail and click the gear icon in the upper right corner.
- Select "View all settings."
- Go to the "Filters and blocked addresses" tab.
- Click "Create New Filter."
- In the "Contains words" field, enter suspicious phrases, e.g. "Your account will be suspended", "Urgent payment required".
- Click "Create Filter" and select "Mark as Spam" or "Delete."
- Save the filter so Gmail automatically blocks suspicious messages.
Outlook (Microsoft 365):
- Go to “Settings” in the upper right corner and select “Mail.”
- Click "Email Security" or "Junk Email Options."
- Enable the "SmartScreen Filter" feature and set the protection level to "High".
- Add suspicious email addresses to your “Blocked Senders” list.
- You can also enable the "Warn about potentially unsafe attachments and links" option.
Thunderbird:
- Open Thunderbird and click "Tools" > "Account Settings".
- Go to the "Spam Protection" tab.
- Check the "Enable Anti-Phishing Filter" option.
- You can also add your own rules by entering suspicious phrases or domains into the blocklist.
Apple Mail:
- Open Apple Mail and go to "Preferences."
- Select "Rules" and click "Add Rule."
- In the "If the following conditions are met" section, select "Sender contains" and enter suspicious phrases or email addresses.
- Select the action "Move message to trash" or "Mark as spam".
- Save your settings so that Apple Mail automatically blocks suspicious messages.
d) Always verify login pages
- Do not click on links leading to login pages; instead, enter the address manually in your browser.
- Check if the site has an SSL certificate (lock icon in the address bar).
Additional steps to increase protection:
- Regularly update the list of suspicious senders and domains in your email settings.
- Use anti-spam services such as SpamAssassin or Cloudflare Email Security, which additionally filter messages.
- Do not reply to suspicious emails – this can confirm to cybercriminals that your email address is active.
- If you receive a phishing email, report it to your email provider – this helps improve spam filters for all users.

The latest ways to fight phishing
Cybercriminals are constantly developing their methods, so it is worth knowing the latest ways to protect yourself against fraud:
- AI and behavioral analysis – modern security systems based on artificial intelligence can detect unusual user behavior and identify potential threats.
- Secure Email Gateways – the use of advanced email filtering systems effectively reduces the number of phishing messages.
- Browser alerts – the latest versions of browsers (e.g. Chrome, Firefox) have built-in warning systems against dangerous sites.
- FIDO2 and hardware keys – physical authentication keys (e.g. YubiKey) eliminate the risk of “password fishing”.
Phishing attacks are one of the greatest threats to Internet users, but using appropriate protection methods can effectively minimize the risk of their occurrence. Strong passwords, two-factor authentication, anti-phishing filters, and user education are key steps in the fight against fraud.
To secure your company's IT infrastructure even more effectively, it is worth using the help of experts. Our company offers professional IT support, threat monitoring and implementation of advanced anti-phishing systems. Contact us and find out what solutions we can implement for you.