Recently our managing director, Chris Pallett, received a phishing email. This got us thinking – how equipped are most people at recognising and dealing with these kinds of scams?
Phishing emails are on the rise and becoming more sophisticated. An IT expert such as Chris can spot them, but what about your employees?
A phishing email is a fraudulent attempt to trick people into giving away sensitive information, such as bank details. The sender will usually pose as a legitimate business or contact to trick users into responding. Often it will contain a link, attachment or request for information.
Employee carelessness is reported to be the primary threat to businesses. With 88% of organisations having encountered an internal threat that could have been avoided, according to research from Vanson Bourne.
It is time to get your employees cyber smart. Here is a useful guide of things to look out for:
Businesses will never request personal information over email, even if the sender is claiming to work for a bank. Don’t open attachments or click on links from emails that you have seemingly received out of nowhere – no matter how urgent the email is phrased or however much promise of money is being offered.
If your boss is unlikely to email you asking for thousands of pounds, or you weren’t expecting a tax rebate, alarm bells should start ringing! The same applies to companies offering refunds or needing to check suspicious activity on a transaction – these are all common phishing methods.
Phishing emails that pretend to be a banking service are the most popular of scams. Bank scam victims lost £207.5 million in the first six months of this year, with cases of ‘authorised push payment scams’ according to UK Finance.
Even innocent-looking invoice attachments could release dangerous malware when opened.
Unless you know the sender, and the attachment is expected – never open it. If you are unsure, call the company directly to verify the email’s details.
An easy to spot giveaway of an email scam is the use of poor spelling and grammar. Professional companies will never send out poorly written communications, but fraudsters will.
As scams become more sophisticated, phishing emails are starting to copy wording straight from the businesses, so it can be harder to spot.
Also, look out for blurry or oddly sized company logos that will have been copied and pasted in.
Fake web links
If the phishing email wants you to follow a link, check the URL. A legitimate business will have straightforward URLs like www.bespokecomputing.com whereas a scam will use an unusually complicated link like www.bespokecomputing.stealyourmoney.com or it will use odd characters like www.bèşpōkèçomputing.com. The same applies to the sender’s email address.
Protect your business and its data by always airing on the side of caution.
Here at Bespoke Computing, we offer robust security solutions that will you arm your business with the right safety measures. We can help protect your systems from malicious threats, viruses and spam, as well as installing firewalls and data leak prevention with our threat management systems.
To find out more contact us!