Is your company protected from financial phishing scams?
Olly Denhard
Founder, IT Trouble Free
22 March 2022
Did you know that the average office worker sends and receives around 121 emails every day?
Although that sounds like a lot, you may be shocked to learn that 3 billion phishing emails are sent each day, accounting for approximately 1% of all email traffic.
A phishing email is an email that pretends to be from a trusted source like your bank, Amazon or a delivery company; but is sent by cybercriminals. It will ask the recipient to update their details or check for unauthorised activity.
The likelihood is that your team will each receive several phishing emails every week trying to get them to click on a bad link so the scammers can install malware (malicious software) on a computer or fool people into trying to log into a fake website – inadvertently giving away login details.
At a glance, a typical phishing email looks like it has come from the real business. For example, new research has revealed that PayPal was the most spoofed business in all financial phishing emails in 2021, accounting for 37.8% of attacks. Mastercard and American Express followed behind, with a 12.2% and 10% share of attacks.
Ironically, the worry that someone may have breached their account causes people to let hackers in!
Phishing is terrible enough for victims personally, but the resulting data breach can be devastating if hackers get into a business account. So, you must educate all your teams on the warning signs to look out for.
- Always check the link you’re being asked to click. Hover your mouse over the link and look at the URL. Does it look suspicious? Is the business name spelt correctly?
- Check the address the email has been sent from. Does it look like a standard email address from the business or does it seem a little strange?
- Look closely at the content of the email too. Emails from scammers will likely contain grammatical mistakes. They might not address you by name, and the layout may look slightly different to a genuine email from that company.
Above all, trust your gut. You might feel it’s ‘not quite right’ but be unable to say why. Don’t ignore that nagging sixth sense! A great tip is: if you’re unsure, go to your browser and type in the real website address, then log into your account that way.
How protected do you think your business is? Are you sure all team members would spot a scam before clicking a link? We’d love to help you review your data security and cybercrime awareness training. Just book a call with us now.