According to PwC, around half of cybersecurity breaches in the UK start with a phishing attempt. Macclesfield-based IT support business Fabric IT shares its top tips on how to spot phishing emails and protect your business from them.
What is phishing?
Phishing is an attempt to obtain sensitive information online. This could be usernames, passwords, bank details, or more. Many phishing attacks are disguised so that the message appears to come from a legitimate source.
How to spot a phishing email
Spelling and grammar
Often, a phishing email will originate from another country, so it may contain spelling mistakes or poor grammar. Look out for language from others that seems unusual or out of the norm.
Attachments and links
Are you expecting an attachment or link from the sender? If in doubt, treat the email with caution: don’t click any links, and give the sender a call to make sure it’s legitimate.
Check the sending email address
The email may appear to be from a sender you recognise, but this may be a display name. Check the email address is the same as you would normally expect to see before clicking any unexpected attachments or responding.
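The display-name check described above can also be automated. The following is an added example, not code from Fabric IT; the address book, the sample messages and the function name `check_sender` are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Hypothetical address book (constructed values): the display names staff
# recognise, mapped to the address each one normally writes from.
KNOWN_SENDERS = {
    "jane smith": "jane.smith@supplier.example",
    "accounts team": "accounts@supplier.example",
}


def check_sender(raw_message, known=KNOWN_SENDERS):
    """Classify the From header as 'match', 'mismatch' or 'unknown'."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    name = " ".join(display.lower().split())  # normalise case and spacing
    address = address.lower()

    expected = known.get(name)
    if expected is not None:
        # Familiar name: only trust it if the real address is the usual one.
        return "match" if address == expected else "mismatch"
    if "@" in name and name != address:
        # The display name is itself an address, but not the one that sent the mail.
        return "mismatch"
    return "unknown"


# Constructed sample messages.
SAMPLES = {
    "usual": "From: Jane Smith <jane.smith@supplier.example>\nSubject: Invoice\n\nHi",
    "spoofed": "From: Jane Smith <jane.smith@supplier-mail.example>\nSubject: Urgent\n\nHi",
    "address_as_name": 'From: "accounts@supplier.example" <billing@other.example>\n\nHi',
    "stranger": "From: New Contact <hello@unknown.example>\n\nHi",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", check_sender(raw))
```

A "mismatch" result is the case to confirm with the sender by phone before opening attachments or replying.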
Suspicious bank details and invoices
If an email contains banking information or invoices, but the details have changed from previous correspondence, pick up the phone to ensure these are correct before sending any payments. Hackers are getting more sophisticated in their attempts to get financial rewards.
Urgent action required
Spam emails will often contain wording that makes the email look highly important, to get a quicker response before the recipient has looked at the real sender. Emails could show text such as “Urgent, mailbox full”. If you receive an email like this, check with your IT provider whether this is really the case instead of clicking any links which promise to increase space or allow you to purchase more.
How to prevent phishing and spam email from reaching your inbox
Anti-virus software
It’s essential to have a reliable anti-virus in place. This helps to detect viruses before they can infect your computer.
Backups
All businesses and individuals should have a backup solution in place, just in case they need it.
Email security
It is essential to have enough email security in place. This helps to stop harmful attachments getting through in emails and reduces the likelihood of staff clicking them accidentally or thinking they are legitimate.
Staff training
While all the above will protect you, it’s still essential to have staff well trained on what to look out for. Things like installing programs from the internet, clicking links in emails and providing logins are all dangerous and make a business more vulnerable to viruses. We offer a ‘Phishing Simulation’ service where we will send phishing emails to your staff to see if they take the bait.
It only takes one person in an organisation to fall foul of a phishing email for it to compromise a business’ entire network.
Share these tips with your organisation and ensure everyone knows that if an email looks dodgy, don’t click any links!