What is a phishing attack?
Phishing is a simple yet effective form of a cyber-attack. Cybercriminals will send emails with the aim to steal sensitive information or convince victims to install malicious software onto their computer. They will disguise themselves as trustworthy sources to disguise themselves and to give them more of a chance of the attack working.
Why do they do this?
There are a number of reasons why they do this. Cybercrime has become profitable and these cyber criminals make money from stealing your information, using your computer to mine bitcoins, or using your computer to attack companies’ websites so that they can’t operate and server their customers. Typical targets are banks.
How do you spot a phishing attack?
There are a number of ways to check if an email is suspicious. Follow our guide to avoid falling victim to a phishing attack.
Personalisation
A genuine company will normally personalise a customer email. Look out for salutations such as ‘Dear Customer’, ‘Valued Customer’ or ‘To (your email address)’. If you receive an email that begins with one of these examples chances are it’s a phishing email.
Company information
Double check contact information in the signature, a lack of contact details could be a warning of a scam.
Phishing attacks will use official company logos so it can be hard to tell if the email is legitimate. If you have recently received an email from the company compare the two to see if they have the same branding. If you are unsure get in touch with the company to find out if they have recently sent out customer communications – but don’t use the contact details in the phishing email!
Call to action
Does the email contain messages with a sense of urgency? ‘Act now before you’re account is suspended’, ‘Don’t miss out on this great opportunity’, ’There has been an unauthorised login attempt on your account’. If the email asks for you to send over personal details chances are it’s a fraudulent email. Keep your personal information safe and don’t give any of your details, companies will not normally request this information via an email.
Phishing emails aren’t known for exceptional spelling, look out for spelling and grammar mistakes. Take a look at one of the examples above.
Attachments
Phishing emails could be sent with attachments. If you were not expecting an email with an attachment, don’t open it! Attachments contain malware which can damage files on your computer, steal passwords and can even spy on you using your webcam and recording everything you type.
Links
Don’t click on suspicious links. Roll your mouse over the link and ensure that it reveals the same link as the text. If you want to test the link open a new window and type in the URL, links may lead you to .exe files which are known to spread malicious software.
What to do if you think you’re a victim of phishing
There are a few things you can do to reduce the risk.
- Update your passwords on all of your online accounts
- As soon as you can, contact the company or bank directly
- Close your accounts if you know they have been opened
- Regularly review your bank and credit card statements, check for any unusual charges and enquiries and report them
Don’t get caught out by phishing. Find out how we can help prevent an attack on your business here.