Can you spot a phishing email?
“How did I fall for that?”
The common question asked by almost anyone who’s fallen victim to a scam.
Sometimes cyber-attacks are sophisticated, and other times they simply catch you on an off-day when you are not thinking clearly. The problem is, if you are receiving more than one spam or phishing email a week, you need a more efficient anti-spam solution. Malicious or spam emails should not be entering your mailbox.
Are you using a mail filtering solution, such as itro Mail Scan?
- Yes – great, any emails with the potential to harm your business are blocked from reaching inboxes
- No – you are not protected, and malicious emails are entering your inbox. Staff may unknowingly click a malicious link, allowing a cyber criminal access to your network. Once cyber criminals have access to your network they will generally hold your data to ransom, demanding large amounts of money
- Unsure – if you receive constant spam or unwarranted emails, it’s likely you do not have a Mail Filter solution
Are your staff aware of ‘social engineering’?
50,635 email-based scam attacks were reported in Australia in 2017, totalling $17.4 million in losses (MailGuard, 2018). How are so many people getting fooled? “Social engineering is essentially the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques.” (via CSO online).
This is a targeted attack whereby a scammer will pose as a client, colleague or supplier.
Do you believe these emails are legitimate or phishing emails?
Here is a sample of emails. Can you pick which ones are legitimate?
1. Telstra invoice: Real or a scam?
Answer: Scam!
Tips to spot this as spam:
- Incorrect domain name. Legitimate emails will only come from @telstra.com.au
- Strange email address
- No personalisation
- Misleading hyperlinks. Before clicking any links, hover over them and check the domain they link to. If they look suspicious, do not click them and instead go to the company's website
2. ANZ Bank Statement: Legitimate or a scam?
Answer: Scam!
Tips to spot this as spam:
- Warning: scammers have gone to great lengths in forging the anz.com.au domain.
- However, they have misspelled ‘ANZ Bnak’.
- No personalisation
- Misleading hyperlinks. Before clicking any links, hover over them and check the domain they link to. If they look suspicious, do not click them and instead go to the company's website
3. American Express Statement
Answer: Scam!
Tips to spot this as spam:
- Incorrect domain name
- Strange email address
- No personalisation
- Poor formatting and outdated branding
- Misleading hyperlinks. Before clicking any links, hover over them and check the domain they link to. If they look suspicious, do not click them and instead go to the company's website
What was your score?
Did you pick all three emails to be scams, or were you misled by scammers' clever techniques?
Mistakes happen and employees may click on harmful links, so it is up to you to ensure you have the right systems in place to block these harmful emails!