how to spot an Email phishing attack
86% of organisations had at least one member of staff click a phishing link on an email. Phishing is the second most active type of security threat to a business, yet many staff members are unaware of how to identify a phishing email.
Here are our 7 key tips for spotting an Email Phishing Attack!
What our clients say...
What Is A Phishing Attack?
A phishing attack is when an attacker tricks a person into revealing private or sensitive information through a fraudulent message, often through email or text. This can include bank details, personal identification, login credentials etc. The malicious link can also install malware, which can lead to digital devices being hacked, viruses being leaked onto one or more devices within the organisation or track your activity on your device.
Most importantly, businesses which are victims of attacks can suffer significant financial loss, both in fines and reputational damage. It is simply not worth the risk.
What Are The Different Types of Cyber Attacks?
Email Phishing: This is when a scammer sends an email which looks legitimate and will trick the victim into clicking a link or leaking sensitive information. This will result in the hacker stealing and possibly selling the data.
Spear Phishing: This is when a specific individual within an organisation is targeted to steal their login credentials. The attacker will gather basic information about the victim such as their name, email address and position at the business before sending out the email.
Whaling Attacks: Whaling Attacks target more senior members of an organisation as they usually have access to more areas of their business network, especially the more sensitive areas such as banking details or staff member identification. A successful whaling attack would result in lots of private information being stolen.
Snapchat was a victim of a whaling attack after an HR CEO was tricked into leaking data about four employees’ payroll information. This is hugely detrimental for a tech firm, however, is a testament to how well phishing emails are disguised and can trick even the biggest of firms.
Smishing and Vishing: Vishing is short for ‘Voice Phishing’ and is when someone uses the phone to steal information. The attacker may present themselves as working for a trusted company such as a bank, or they can pose as a family member or friend to get the victim to leak sensitive information.
An example of this can be found in the 2017 Barclays Digital Safety Advert.
Smishing is when attackers use SMS text messages. Again, they will often present themselves as a trusted organisation such as a bank or a postal delivery service. A link will often be sent to encrypt the digital device and release information about the victim. We have seen a rise in this type of phishing due to COVID-19 causing a large demand for online shopping so customers were receiving more postal notifications. Texts asking for a small payment to be made in order for their parcel to be delivered were spread around, causing bank accounts to be hacked and emptied (BBC News).
Angler Phishing: This type of phishing targets social media users. They will disguise themselves as another company or a customer service agent to trick the user into releasing their credentials or clicking a link which will send a virus onto their digital device. Many people have seen this type of phishing when a company starts a competition. A hacker will create a new social media page disguised as the company and privately message individuals telling them they have won a prize, however, for the prize to be sent, they need to click a link, or send over some details. This again results in sensitive data being released and the potential of bank accounts being hacked, or digital devices being encrypted.
How Can Your Business Avoid Phishing Attacks?
Measure Risk VS Priority Vs Consequence Vs Investment.
Like insurance policies, the more you invest, the more security cover you put in place.
As an accredited provider, we can understand your specific organisation, the realistic exposure to breaches and what REALLY needs to be protected, for the lowest investment.
Whilst no one wants to spend on cyber-security, make no mistake, it’s an insurance policy…
So when the inevitable happens, your business is protected from losing thousands to recover from a cyber attack.
Latest Blogs News Articles Events
Company culture – the most important thing that nobody really understands. It’s like the unicorn of the business world – everyone talks about it, but nobody has ever seen it. Many companies claim to have a great culture, but their employees are secretly plotting their escape. Others have terrible cultures, but their employees are too scared to leave because they’re paid in snacks and ping-pong tables.
Elevate your video calls to the next level with custom backgrounds in Microsoft Teams. Learn how to create and upload your own backgrounds, and represent your company’s brand identity in virtual meetings with ease.
Get ready to work smarter, not harder, with Microsoft’s latest update – Copilot, an AI-powered chatbot that takes care of tedious tasks like writing emails, creating presentations, and more. Partnering with Matrix247, Microsoft has developed a game-changing tool that will revolutionize the way you work