Phishing is responsible for most security breaches, as cyber criminals know that the weakest part of cybersecurity are employees.
The aim of an attack is to steal data, including login credentials and credit card details. Firstly, recipients are deceived into clicking a malicious link, which can lead to the installation of malware as part of a ransomware attack.
There are huge repercussions for such attacks. As well as financial losses, there are damages to the business’ reputation and loss of trust from clients and suppliers.
What to look for: –
Misspelt email address
Do not just check the name of the person sending the email. Look closely at the email address to make sure there is no alteration, or addition of numbers or letters, as they will be using a different domain.
The email states URGENT!
They create urgency, often wanting you to click or open the attachment immediately. Or the email may also trick you into claiming a reward or avoid a penalty.
Impersonal & incorrect spelling or grammar
While they have an email address, often they do not have the name, so there is a generic greeting like Dear Customer. A genuine email should be well written. Oddly hackers often send poorly written emails to target the less observant – making them easier targets!
Check suspicious-looking URL’s
Do not open the links if you suspect the message is a scam. You can also test links by typing them into a URL checker.
Links to a fake website
The fraudster will often include a link to a fake website that looks like the sign-in page of a legitimate website. They use this to gain access to logins and passwords.
There are several steps companies can take to prevent phishing including training for all staff, two-factor authentication, and good password management.
For further information on GHM’s IT Managed Services, click here: https://ghmcommunications.com/it-managed-services/ or contact GHM on 01865 367111.