With the exception of sole traders and independent workers, no legitimate business would ever contact you from a public domain (e.g. @gmail.com).
If the domain name (the bit after the ‘@’ symbol) matches the apparent sender of the email, it’s more likely to be a real email.
“But how do I know what a company’s domain name is?”
The best way to check this is using a search engine. The domain name will more often than not, match the company website.
A common trick used by scammers is to use the company name before the ‘@’ symbol or to change their display name to the company name – so be vigilant!
Yes, we’re still on the topic of domains…
Another common trick is to use a domain name very similar to the company they are pretending to be, but with a very subtle spelling mistake. For example, the email may come from imfusetech.co.uk rather than infusetech.co.uk
You’d like to think that the businesses scammers usually pretend to be wouldn’t make huge spelling and grammar mistakes so, seeing multitudes of these in an email can usually be a warning sign.
Very often, phishing emails will either contain an infected attachment or a link to a bogus website.
Make sure you are vigilant before opening any attachments as once they’re open, it’s often already too late. The attachments unleash malware onto your computer which can perform any number of activities (none of which are good!)
Links are often common and hovering over them with your mouse (without clicking) will show you the destination of the link. If the link doesn’t match the context of the rest of the e-mail, do not click! For example, the e-mail could appear to be from Netflix but the link may be trying to take you to www.thisisafakewebsite.co.uk.
Scammers know that the longer we think about things, the more likely we are to spot mistakes. So, to make sure we don’t have time to think, they often create a sense of urgency (e.g. “this invoice should have been paid last week. Pay now or your account will be blocked”).
Even if you have spam filters set up, they will never block 100% of phishing or scam emails so with the rise of the phishing email, it’s more important than ever to educate your employees.
Employees should know how to spot a phishing email, the way phishing works, and what to do if they have received one.
If you require any support in training your employees or advice on ensuring your business systems are as secure as they can be, get in touch with our team today.