1 in 99 emails is a phishing scam. And a quarter of these slips through security filters to reach your inbox.
What’s phishing? It’s where someone sends you a fake email pretending to be someone else. They hope you’ll click a bad link or download a dangerous attachment.
They want to infect your network with malware or steal your login details.
Phishing is bad news for your business. So here are some red flags to watch out for.
First, look for bad grammar or spelling mistakes throughout the email.
Or an unusual layout when compared to genuine emails you’ve received before.
Maybe the email is from a supplier you use often, but the email says “dear customer” rather than greeting you by name.
It’s a good idea to check the sender’s email address too. Is it genuine or a close copy?
You can check any website link by hovering your mouse over it. Is it directing you to a genuine website or one with a similar but fraudulent URL?
And if there’s an attachment, what’s the filename? A phishing email may use strange names.
If you’re unsure after completing these checks, don’t click anything. Visit the website that the email’s trying to send you to, and log in directly there. Or phone the sender.
These are just the basics. If you want proper security training for your team – and don’t worry, it’s fun, so they engage with it and remember it – get in touch.