Spotting email scams - what to look out for
Even if your company systems are protected by anti virus, security updates and other defences, the most important link in an organisation's security defences is you - the IT user - and your ability to spot a fake email before you open it or act upon it.
"Phishing", "Spear Phishing" and "Whaling" emails can be targeted directly at your organisation by criminals and are designed to encourage you to open their attachments which will infect your computer with malware, and could lead to a breach of company systems and / or data loss via Crypto Ransomware.
You may also receive emails which are intended to defraud the company out of money by duping you into making a payment to a fraudulent bank account.
What to look out for
Suspicious attachments Emails with Word, Excel or PDF attachments.
Emails asking for urgent electronic payments to be made.
Emails advising you of a change of bank details for you to make a regular or scheduled payment into.
Emails claiming to be from yours or the company's bank, or well known online services (eg: Facebook, Linkedin, iCloud) asking you reset your password or "verify your details" These attacks encourage you to enter your real username and password for these services into a malicious website which often looks exactly the same as the real site, allowing the attacker to obtain your username and password for the service in question. if you re-use passwords on different systems (including company systems), they'll also be able to quickly break into those too.
Emails with forged names in the "from" address. These will look at first glance like they've come from someone you know, or who is already in your address book. Also, e-mails from a similar e-mail domain name to your real one (eg: a forged "conttoso.com" instead of the real "contoso.com" - note the double t in the forged one).
What to do
Immediately report anything suspicious. If you think you’ve received a fake email, do not click on any links. Report it immediately to your organisation’s IT team, and / or to your service provider. If you’ve already clicked on a suspicious link, contact your IT team or service provider immediately and if you feel confident to do so safely, disconnect your computer or device from the network by unplugging the network cable or switching off the wireless capability using Airplane mode / flight safe mode. This can help limit the damage any malware can cause.
Scan all attachments with anti virus software before opening them.
For changes of bank details, make independent checks with the requestor before making any changes - for example, you could insist that changes to bank details are only accepted on the requestor's headed company paper, showing the old bank details you have on file, accompanied by a bank statement which matches the new details, and signed by a director of their business who you can independently contact to verify the request.
If you get a password reset e-mail - did you request it? Do you even use the service in question? Always ensure you use different passwords on all systems, especially company systems.
Email software makes it easy for scammers to send an e-mail which looks like it has come from someone you trust by forging the name, which your email software will then display to you without checking whether it's correct. It's much harder to forge the e-mail address as well. Click on or hover over the senders name, and most email software will show you their email address - make sure it's an address you recognise.
Check the email address to make sure it really is the one you think it is, paying particular attention to spelling
For more information on cyber security, please visit our website, or talk to one of our technical advisors on 0800 862 0095