Phishing emails are becoming all too common, with at least one email hitting my inbox every day. It would only take a momentary lapse in concentration for any of us to click on the link, and that’s when the pain begins.
Before I go too far into this blog, it’s probably worth clearing up what a phishing email actually is. To put it simply, the emails you receive from the HMRC, Apple, Microsoft or Amazon (to name but a few) who ask you to click the link to confirm your password are phishing emails. They are designed to look like they come from the company they claim to be from, so the layout, fonts, colours and logos will all look corporate. The link, however, will not take you to the corporate website, but to a website designed to look like the corporate theme, but sadly it is designed to steal your data.
Here’s the question you now need to ask yourself, would you be able to spot a phishing email? More importantly would your staff be able to?
We have unfortunately had to help many businesses locally over the past year who have become victims of phishing attacks. The worst case we have helped with so far was from a company that were fairly new and only had a few staff so didn’t feel IT support was worth their investment. The Administrator received an email from who they thought was their boss asking for a payment of £15,000 to be made, apparently because they were overdue with one of their suppliers. The Administrator paid the money to the bank details provided on the email, only to find out after talking to her boss that he never sent the email.
There are two easy ways to help limit the amount of phishing emails your company receives. Firstly, implementing a robust spam filtering service will illuminate most, if not all of the phishing emails. This is a service that we can offer any size of business and has zero downtime on your email system. A daily email summary email is sent to all users listing all blocked emails. The user then has the option to release the stopped email into their inbox if they recognise the senders email address.
The second method of controlling the risk of phishing to your business is to train your staff on how to spot phishing emails and how to handle them. We offer a bespoke training service which can be delivered via self-paced training videos, or onsite training. The training course is written by a world leading cyber defence company and covers all basis from how to spot a phishing emails to what to do if a link is accidentally clicked.
We take your systems security extremely seriously. If you are an existing customer or are not yet using our services, we would love to speak with you about how we can help. To book an informal call back please select a convenient time for you in my diary below.