Phishing is an increasing and serious problem. Luckily, consumers and some tools are getting better at identifying and deleting them. Unfortunately for businesses, many legitimate messages get thrown away because they look too much like phishing messages. This slideshow highlights seven ideas identified by Westfield Insurance that companies should keep in mind when developing company e-mail.
Click through for seven ideas companies should remember when crafting corporate e-mail, as identified by Westfield Insurance.
Don’t request personal information from customers via a hyperlink in an e-mail. If you need information, such as an updated address, tell the customer to go to your company’s website and log in – not through a provided “convenient” link.
Personalize e-mails whenever possible. This proves that you know your customer’s name. For example, use ‘Dear John’ instead of ‘Dear Sir’.
Don’t get your customers in the habit of linking through someone else to get to you. For example, if you are going to provide a link in the e-mail, it should look like www.yourdomain.com, not www.somebodyelse.com?redirect=www.yourdomain.com. Never use the IP address in the link.
Use simple and intuitive domain names and directory paths. The longer the address line, the more likely it is for something to be spoofed and the harder it will be for your customers to recognize the falsification.
Be very cautious about using “click here” links. You may think they read better, but customers should rightly be suspicious of any attempt to obscure the destination of a link. Written-out addresses are better.
Proofread and spell-check all your communications. While more phishers are improving their English, many users still rightly assume that a grammar or spelling mistake is evidence of a possible phish by someone whose native language is not English.
Avoid messages with an urgent, threatening or time-sensitive tone. Don’t say anything about passwords and account cancellations.