How to spot a phishing email and what to do about it

With so much media talk of organisations – even national institutions – being hit by costly ransomware attacks, and with the laws changing surrounding data with GDPR (General Data Protection Regulation) meaning higher penalties for businesses who have their customers’ data compromised without being able to show they’ve taken steps to keep it safe – it can be easy to panic as a business owner when faced with the subject of email security.

We’re here to tell you that you don’t need to panic, and take you through some practical things you can do to make sure that you and your staff are vigilant when opening email, without all of the hysteria.

But first thing’s first:

Install those updates
We’ve said this a lot, but that’s because it’s so important. Please don’t keep pressing ‘remind me later’ for all eternity. By keeping your mail client, your browser, your anti-virus, and your operating system up-to-date, you’re making sure that you have all the latest protection against new forms of attacks. When a team gets wind of a vulnerability in their software, they work to fix it and then give this fix to you in the form of an update. By ignoring this, you’re leaving your machine and the network it’s connected to open to potential threats.

This is one of the reasons a managed IT support approach is so good, you don’t even need to worry about that – all of your updates are installed at a time to suit you.

Now we’re on to opening emails:

Does it look suspicious?
Who is the sender?
The email might look like it’s from a name that you recognise, but is it really? Have a look at the email address in the ‘from’ header, sometimes scammers pretend to be people you communicate with to make you think that the link or attachment they’re sending is from a trusted source.

Subject line
What is the subject of the email? People looking to compromise your information in some way, often use language to whip up panic. ‘Your account has been suspended.’, ‘There has been unauthorised activity on this account’ – to name two examples. If you receive an email with a subject like this, take your time to evaluate its legitimacy, don’t click the link or open the attachment based on feeling under time pressure.

Whilst this isn’t a fail safe indication, combined with other elements poor spelling and grammar can be an indication of a scam source. Also, what is the email asking you to do? If it involves transferring money or passing on information, a quick phone call to the person you think has given you the instruction to check it’s actually from them before carrying that out is sensible.

If you hover your mouse over the link that’s in the body of your email and the website that appears doesn’t seem to match, you’d be right not to click on it. If you receive an email that looks as if it’s from a bank or similar, if you do forget the above and click on the link to find it’s asking you for login and personal financial information – don’t enter it! Banks will never do this, and places like HMRC will not confirm things like tax rebates via email.

Who is the communication addressed to in the body of the email? ‘Dear Joe Bloggs’ is much more likely to be legitimate than ‘Dear valued customer’.

Businesses genuinely looking to contact you will provide their contact details, if your email doesn’t have any, then it’s right to be wary

None of the above

The thing with phishing scams and emails designed to infect computers with viruses, is that they are becoming more and more sophisticated. This means that in theory all of the above can appear to be above board and legitimate, and yet they are not. If you have a gut instinct that something isn’t right, simply delete the email, or ask your IT provider to check it for you.

This is where the panic element comes in to play.

If you’re running a business with multiple staff, how do you ensure that no-one ever clicks on a phishing link, or opens an attachment which will result in your entire network becoming infected?

The short answer is: you can’t. Even with extensive training and regular reminders, a clever scam could flummox even the most technically-savvy in your company.

Email Spoofing
Something we’ve been seeing even more of recently, is the practice of email spoofing. This basically means that someone is using your email address like a mask, and it doesn’t mean that your emails have been hacked.

For example, you may receive an email which appears to be from your own email address, from someone who claims to have hacked in to your emails, threatening to send private information to all of your contacts.

They are most likely ‘spoofing’ your email address, pretending it’s coming from you – they don’t actually have access to your account at all.

This technique can also be used to impersonate someone else, so if you receive an email from a colleague asking you to transfer a sum of money, or which just contains a link with no other context, it’s worth a quick call to them to double check that they’ve actually sent it – if not, delete.

So what can you do?
Prodigy can supply, install and manage anti spam and email security solutions which will help overcome some of the problems we all face within this blog. No solution will be 100%, however like any robust prevention tool the more layers of protection in place the less likely you are to have a problem. Some key features to our approach includes:

Attachments/links can be scanned by the user before opening
Attachments can be opened in a safe online environment before being opened on your local PC
Attachments can be saved as PDF before opening removing any potential harmful install files
Anti-spoofing tools to help stop scammers send emails on other people behalf
Secure email sending to help avoid emails being intercepted and details being changed
Reports on scanned emails can be sent to users to help decide what emails are legitimate
Email archiving – if legitimate emails are deleted we can restore a copy from up to 99 years
Anti-spam filtering
If you have any questions, or you’d like to speak to someone about email security, please do get in touch via our contact form.