Cybercriminals look to exploit you and your awareness of how to identify scam emails
When we provide Cyber Awareness training we are often asked: “How do I spot scam emails?” The news always has stories about scam emails that look as though they were sent by legitimate companies and demand personal information from consumers.
How to spot scam emails
Phishing emails are sent by cybercriminals who attempt to lure people into a false sense of security. Victims hand over personal information, click a link or download a document, which causes information to be stolen or corrupted.
There are measures that can be taken to reduce phishing scams, and services such as Office 365 offer add-ons that increase the defence against them.
Here are our 6 tips to help you spot a phishing email:
- Never assume that emails you have been sent are from the person they claim to be. If an email does look suspicious, it is likely their account has been hacked or spoofed.
- Generally, companies do NOT ask you to make a payment via email, although there are exceptions, such as when a company sends an invoice. Always think about the request and, if in doubt, call the sender to verify that it is legitimate.
- Has the email been sent to you addressing you by name? You can often see gaps in the writing, and the impersonal tone of the email can make you realise it wasn’t actually sent for you.
- Scammers pretend to be from companies, often copying brand logos and email layouts. Be vigilant and check that the email is real; PayPal emails, for example, are all too often faked.
- When you see a link in an email, be cautious about where it takes you. All too often scammers send fraudulent links that look legitimate but are actually designed to steal your personal data.
- If it is spam, you may notice a lot of incorrect spelling and grammar. Organisations will generally check emails before they are sent. Phishing emails are often put together quickly by criminal organisations attempting to extract the biggest amount in the shortest time.
- Is your email service hosted by Office 365, or another Exchange service? We recommend avoiding free email services such as Gmail, Outlook, Hotmail and especially Yahoo!
What can we do to prevent Scam Emails & Phishing?
Cyber crime has become a massive industry, and the most common approach is to go after employees of companies through ‘social engineering’. Quite frequently we see phishing emails that look legitimate: they are designed to look like an email sent by Microsoft, an invoice, or a request for the user to authenticate themselves.
Employees are indeed the weakest link, and it needs to be your IT department’s job to educate your employees. If you do not have an IT department, then it falls to any outsourced support you use.
A spam filter is a very important tool that acts as a defensive block between your email service and the scammer. Unfortunately, not all spam will be filtered, and that is where we need to educate users to make sure they don’t click on links they weren’t expecting.
Social engineering is not just done via email; we also need to be vigilant about criminals performing social engineering over the phone or in person. Often users will use personal information in passwords or recovery options.
We need to be cautious about the information we share, as criminals may call asking for personal information, posing as another company looking to verify the information.
Need help or want to know more?
If you would like to learn more or would like to discuss working together, complete our online form below.
Alternatively, book an appointment via our scheduler or call 01423 423068.