Call us 0843 453 0103

The Phishing Scam - Can your employees identify malicious emails?

Sep 19

Phishing is big business for cyber criminals, with attacks on the rise in recent years with 66% of malware now installed via malicious email attachments. Your employees are your end users and the most vulnerable targets for these criminals. Educate them about malicious emails and how to spot them, before your company becomes compromised.

Find out more about Phishing in this blog article by our IT Support Team Leader Graham Lilley, and request your free Anti-Phishing Toolkit to educate internally about phishing so that your employees become your first line of defence against cyber criminals.

_MC_3112.jpg

What is Phishing?

1 in 3 cyberattacks enter companies via email
59% of attacks are motivated by financial gain
Phishing is considered the most significant security risk by IT managers.

Phishing is when cyber criminals send you an electronic message such as an email to try and trick you into doing something insecure like giving out your information such as passwords, credit card details or your address.  These emails can be under disguise and appear as though they are being sent by your bank, Amazon, Apple or any other common brand.  However, in recent years criminals have become even more sophisticated and can make the emails appear to be coming from anyone, even a colleague!

How to spot a Phish

Phishing emails come in all shapes and sizes, but fortunately there are some “tells” you can look for to help suss out potential scams.

undefined

Take a look at this email from our example company 'Money Matters Banking', are you able to spot the red flags that might indicate that it is infact a phishing scam?  Use the points below to help.

  • It just doesn't look right - If the email doesn't appear to be legit, trust your instincts.
  • How does the email address you? - If the email addresses you as 'Dear Customer' or doesn't address you at all.  Using impersonal salutations saves the cybercriminals time so they can maximize their number of potential victims.
  • Grammar and spelling errors - This is normally a dead giveaway that an email may not be genuine.
  • Sense of urgency - If the email is encouraging you to take action straight away.  By convincing you the clock is ticking, thieves hope you’ll make a mistake.
  • Mismatched URL - Always check the integrity of any embedded URLS.  Such as the example above, check that the HTML link by hoovering your mouse over it and if the URL doesn't match the text this might indicate a fraudulent email.

If you are still unsure if an email is genuine, go to the providers URL address directly yourself via your web browser and never open any attachments such as PDFs within the email.

undefined

Request your free Anti-Phishing Toolkit & educate your office today!

Request your free Anti-Phishing Toolkit & educate your office today!

We have some great resources we can send out to your office from our Cyber security partner Sophos.  You can use these to educate internally about phishing so that your employees become your first line of defence against cyber criminals.

This kit contains:

  • Posters for your office
  • 10 tell tale signs of phishing
  • Phishy flowchart - to help you identify phishing emails
  • Don't take the bait whitepaper

 

Request a call back …