How to stop an email phishing scam from hooking you
In 2016 it was estimated that cyber crimes cost businesses an average of £300,000 and can put a company out of action for up to 10 days at a time. One of the most common methods of cyber crime is fraudulent emails.
Simply clicking on the wrong link in an email can cause you and your company to lose a lot of money and resources. That's why it is so important to be knowledgeable about the latest scams, and have the right systems in place to protect you should a phishing attacker strike.
Over the years, email phishing scams have become more and more realistic, with emails coming from addresses with almost but not quite the same domain names, and using similar logos and layouts, even the same business language and signatures. While the disguises become more subtle and professional, clicking on the links or opening the attached documents in these emails can seriously harm your business.
So how can you protect yourself from email phishing attacks on a daily basis?
Here are some steps you can take...
1. Be vigilant
Always look at where your emails have come from: check business names and email addresses. Do you recognise the name? Or does something seem wrong?
2. Zero trust
If you're not sure about an email, then don't click any link. If you're interested in investigating, then look at the link hypertext and check where it is sending you. You could even type part of the hypertext out into a search engine to see if it is a scam that has already been picked up on. If it looks suspicious, send it to your junk folder, label it a phishing scam right away, and alert your IT support.
3. Keep your money safe
Whatever the situation, avoid sending personal or financial information via email wherever possible. Even if you know the person you are sending it to, your data could be intercepted on its way to its recipient.
4. Track your finances
Keep on top of your bank statements and financial transactions and make sure you know what each transaction is. If anything is out of place, call your bank straight away.
5. Report suspicions
Always report suspicious emails to the person responsible for IT in your business. They will then be able to update and filter out these emails in the future.
6. Disable HTML
Consider converting HTML emails into text only, or disabling HTML email messages completely, as this will make phishing even harder for the thieves.
7. Stay up-to-date
Get regular training on cyber security and keep up with the latest phishing trends so you can ensure you are as knowledgeable about the threats as possible.
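Steps 1 and 2 can be partly automated by an IT team: compare the sender's domain with the domains you really deal with, and compare what a link displays with where it actually points. The Python sketch below is an added example, not part of the original article; the trusted-domain list, the 0.85 similarity threshold and the sample message are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse
TRUSTED = ("example-bank.co.uk", "example.com")  # assumption: domains you really deal with
DOMAIN_RE = re.compile(r"^(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?$", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Lower-cased hostname of a URL or bare domain, without a leading www."""
    value = value.strip() if "//" in value else "//" + value.strip()
    return (urlparse(value).hostname or "").lower().removeprefix("www.")

def lookalike(host):
    """Return the trusted domain that `host` nearly matches, or None."""
    if any(host == g or host.endswith("." + g) for g in TRUSTED):
        return None  # genuinely a trusted domain or one of its subdomains
    return next((g for g in TRUSTED
                 if SequenceMatcher(None, host, g).ratio() >= 0.85), None)

def check_email(sender, html_body):
    """Return warnings for lookalike domains and link text/target mismatches."""
    parser = LinkCollector()
    parser.feed(html_body)
    warnings, hosts = [], [("sender domain", host_of(sender.rsplit("@", 1)[-1]))]
    for href, text in parser.links:
        hosts.append(("link host", host_of(href)))
        # Only compare when the visible text itself looks like a URL or domain.
        if DOMAIN_RE.match(text) and host_of(text) != host_of(href):
            warnings.append(f"link text shows {host_of(text)} but goes to {host_of(href)}")
    warnings += [f"{kind} {h} imitates {lookalike(h)}" for kind, h in hosts if lookalike(h)]
    return warnings

SAMPLE = ("accounts@examp1e-bank.co.uk",  # constructed message, not a real campaign
          '<a href="http://login.invalid/verify">www.example-bank.co.uk</a>')
```

Calling `check_email(*SAMPLE)` returns one warning for the mismatched link and one for the lookalike sender domain; a message whose sender and links all sit on a trusted domain returns an empty list.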
What should your IT support be doing to protect you?
- Providing broad spectrum protection
An IT support provider should be using one of the top anti-virus solutions with a high-level detection rate. It should constantly monitor your email and actively check emails regularly to detect potential scams. (We use Kaspersky's high-level protection to keep you safe.)
- Tailoring support to you
Your business will have unique anti-phishing needs, and a good IT support team will create a customised spam filter that will detect viruses and blank systems for your business. The more specific the filters, the better you will be protected.
- Giving high-level encryption
Your business will need to be assured that all sensitive company information is encrypted, so any IT support provider worth their money will put this in place. Encryption will make data useless to any potential phishers and so make you less likely to be attacked.
- Using all the latest software
Phishing scams are becoming harder to identify, and your security needs to be constantly updated to ensure you are protected from the latest threats. Your IT support provider will ensure your systems stay up to date so that you don't leave yourself vulnerable to attack.
- Providing a robust backup system
Email data is vital to most businesses, yet it is estimated that organisations face a 72% risk of unforeseen email outage within the next year. Phishing attacks can lead to your email system going down. To mitigate this loss, a well-managed backup system will ensure you can retrieve all lost emails and carry on with your business.
- Working on your DRP
A good IT support provider will work with you to create a disaster recovery plan that will help you should the worst happen and you are the victim of a phishing attack. Talk to your provider about your business and what would be the worst-case scenario for you, and you'll be able to come up with a solution that doesn't leave you suffering an irreconcilable loss.
Worried about email phishing scams and want to talk to someone about your IT security? Contact us now and we'd be happy to help.