Don’t get fooled – how to spot a phishing attack
Cyber-attacks and data breaches can cause a lot of problems – business disruption, data loss, and financial hardship. Not to mention reputational damage. Safe to say, they’re a huge business risk and cause a whole lot of work you could do without.
The phishing problem
A common type of cyber-attack is a phishing email. During the height of COVID-19 in 2020, the number of phishing emails and attacks rocketed. Network security firm Barracuda Networks said it saw a 667% increase in malicious phishing emails. Google reported it was blocking over 100 million phishing emails a day! Shocking, right?
So, what is phishing and how can you spot a phishing email…
Phishing happens when fraudsters try to trick you into sharing personal information online. They might impersonate a legitimate company, colleague, friend or family member.
What kind of information could fraudsters phish for?
- Usernames and passwords
- Bank account details
- PINs (Personal Identification Numbers)
- Credit card numbers
- Your birthday
- Security questions and answers
Looks can be deceiving…
There’re some quick checks you can do to spot a phishing email.
- Do you recognise the sender?
You can hover over the sender’s email address – make sure no alterations (like additional numbers or letters) have been made. Does it look unfamiliar or pretend to be a company? Their email shouldn’t be sent from a public domain like Gmail or Hotmail – if it is, phishing alarm bells should be ringing!
- Does the URL it contains look legitimate?
Again, hover your mouse over it to check. Not sure? Open a new tab and tap in the URL, but don’t click on any suspicious links in the email. If you’re checking emails on your mobile, you can check the url by holding down on the link and checking the pop-up that appears with the link.
- Spelling and grammar
Poor grammar and spelling mistakes are a big give away – legitimate organisations won’t send any marketing littered with embarrassing mistakes.
- Squashed and pixelated branding
One trick fraudsters use is pretending to be big-name organisations you’d recognise and trust – Facebook, Paypal, HMRC are just some examples. If the logo and branding look squashed, pixelated or like it’s been copy and pasted, step away from that email!
- Not what you expected?
Were you expecting an attachment? Clicking on any infected attachments and downloading infected files can open up a big tin of worms. Malware worms. By clicking open, you could be sharing sensitive information like login details that could wipe you or your organisation’s bank account clean.
- What’s the rush!
Fraudsters will create a sense of urgency. If the request was really urgent, surely they’d just pick up the phone, right? Exactly.
No business is immune to phishing. If you want to test the security of your IT and technology, we can help. We perform a thorough assessment of your current IT provision, identifying weakness, and putting a comprehensive plan to fix issues and protect you, your employees and organisation for the future.
Drop us a line to find out more – 01625 837 800.