Over the last few years, cyber-attacks have become increasingly complex, yet a huge amount of attacks still originate from malicious emails. ‘Phishing’ is the term used to describe fraudulent attempts to gather sensitive information such as usernames, passwords etc, via email. While there are excellent tools available to protect your network against spam and malicious emails, (patching, malware protection, anti-virus, email filtering – will all help) there is always a risk that some will slip through the net. Multi-factor authentication is the main defence against this kind of attack but if you don’t have this in place your last line of defence is your staff. It is important that you equip them with the knowledge of how to detect key warning signs of phishing attempts.
These phishing emails often claim to be from a senior colleague or a mainstream service provider (such as Amazon, Netflix etc), with an urgent call to action. They often ask you to log-in or verify financial details and a link within the email will redirect the victim to a fraudulent website. Sometimes the emails will contain sensitive information, such as passwords, perhaps gained by criminals from a data breach of a large service provider. This can give the illusion of legitimacy and make fraudulent attempts difficult to spot. There are, however, a few warning signs, which can help your team spot these phishing attempts.
1) Email address
The phishing emails often pretend to be from a recognisable brand name, such as Netflix, PayPal, TV Licensing etc. So, the email may appear, at first sight, to be from a sender you recognise. Criminals often use the Display Name function of email to state the (fake) company name. The key is to always check the actual email address. You can hover over the display name with your mouse or right click on the sender name, to reveal the address. The email address often is clearly fake and/or sent from a public email domain such as @yahoo.com or @gmail.com.
2) Domain name misspelled
Anyone can buy a domain name and criminals often buy domain names, which are similar to legitimate sites. They also use sneaky mis-spellings within domain names to fool recipients. For example, using rnedia instead of media. Generally, poor spelling and grammatical errors are a sign that something is amiss. The tone of emails is often a red flag. It may be an unusually formal email from a colleague, or an email, which uses the word ‘official’ several times.
3) Sense of urgency or call to action
The emails often raise a concern with an urgent call to action. It may say that your payment has been refused (as in the recent Netflix or TV Licensing scams), or that you have been victim of a fraud, or a senior colleague needs urgent action on an invoice etc. You should always contact the sender to check legitimacy before acting on these requests.
4) Attachment or link
The phishing emails often contain an attachment (perhaps an invoice , etc) which will launch malware on the victim’s computer. Similarly, they might contain a link to a fraudulent website which will ask the victim to log-in to verify information. Again, it is important to check where the link goes to before clicking. Criminals will disguise the hyperlink behind a legitimate looking button on the site. You can check where the link goes by hovering your mouse over the link. It can be useful to have a policy of never entering financial details following a link from an email or text.
5) Branding consistency, logo, official, quality of design
Criminals often use out of date logos and poor quality of design within their phishing emails. Often a large part of the email is taken up by an image. It something feels off with the design, it is worth scrutinising the other red flags as detailed above.
How can RedMosquito help?
We always recommend a multi-layered approach to cyber security and our Technical Consultants are happy to advice on the best solutions for your business. We can advise on additional security measures which may help, including multi-factor authentication. We also offer a range of Security Awareness Training courses to our IT Support customers. These courses educate your team on the how phishing attempts work and how to spot a malicious email. The training is reinforced by creating simulated phishing attempts to test user knowledge over the following weeks. If you would like to have a chat with us about how we can help your business, contact us today.
RedMosquito Ltd provides IT Support and IT Security services to SMEs in Glasgow, Edinburgh and throughout Scotland.