Phishing emails – how to protect your business

We’re seeing many phishing attacks doing the rounds, and they are getting more and more sophisticated. In fact, 83% of UK businesses see them come in at least once a week.

We’re here to help you navigate the choppy email seas: to help you spot and prevent attacks, and to manage the fallout should you get caught.

It happens to even the most vigilant of people, so it’s important not to place blame. Having a sound awareness and continuity plan in place will ensure you’re prepared.

Here are the most prevalent types of email attacks to look out for…

Email Phishing

The most well-known type, often impersonating a household brand and leading the recipient to click a link or open a PDF. This results in stolen credentials or malware being installed on the device. We’ve seen them spoofing Amazon, Royal Mail, GOV.UK, High Street banks and more.

Warning signs:
  • The sender’s address: often it will not look quite right
  • Shortened links, as these can get past secure email gateways
  • A large image and minimal text, as the image hides the malicious content from text-based checks
  • Incorrect spellings or poor-quality logos

Spear Phishing & Whaling

This often occurs in larger organisations. As the name suggests, it is more targeted, and the cyber criminals will have done their research. Using information gathered from social media or your company website, they send individuals emails that appear to be from someone else in the organisation.

Whaling is a type of CEO fraud where the email you receive appears to have come from the owner of your organisation. These typically ask for a cash transfer or a document review.

Warning signs:
  • Shared drive links
  • Strange requests for information that are not the norm
  • Anything that requires you to log in or enter a user ID
  • Asking for money to be transferred
  • Asking for a review of a document
  • Shortened links
  • Misspellings
  • Receiving the request on your personal email instead of your organisation email

HTTPS Phishing

This uses a link contained in the body of the email. Always think twice before you click; if you’re unsure, it’s probably with good reason.

Warning signs:
  • Shortened links
  • Hypertext (Clickable links embedded into text)

Clone phishing

This is where attackers research the business applications your organisation uses and replicate the emails those services send. The message appears to come from the service provider but is in fact a copy.

Warning signs:
  • Requesting your information via a link
  • Use of shortened links or hyperlinks in the text
  • Receiving the email at a strange time
  • Large images and little text
  • Misspellings
  • The sender’s address: often it will not look quite right
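The warning signs listed in the sections above can be turned into simple checks. The following is an added example, not code from the original article or from any vendor’s filter: it runs a handful of heuristics over a single email (sender address not matching the claimed brand, shortened links, link text pointing somewhere other than its target, a large image with little text, and requests to log in or transfer money). The brand allow-list, shortener list, keyword list and the 40-character threshold are assumptions chosen for illustration, and the two sample emails are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allow-list: brand name -> domains that legitimately send as that brand.
KNOWN_BRANDS = {
    "amazon": {"amazon.co.uk", "amazon.com"},
    "royal mail": {"royalmail.com"},
    "gov.uk": {"gov.uk"},
}
# Assumed list of common link shorteners (warning sign: shortened links).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "ow.ly"}
# Phrases matching the "log in / transfer money / review a document" warning signs.
REQUEST_PATTERNS = re.compile(
    r"\b(log ?in|sign ?in|verify your account|transfer|review the attached)\b", re.I)


class _BodyParser(HTMLParser):
    """Collects link targets with their visible text, image count and text length."""

    def __init__(self):
        super().__init__()
        self.links = []        # (href, visible text)
        self.images = 0
        self.text_chars = 0
        self._href = None
        self._link_text = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._link_text = a["href"], []
        elif tag == "img":
            self.images += 1

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._link_text).strip()))
            self._href = None

    def handle_data(self, data):
        self.text_chars += len(data.strip())
        if self._href is not None:
            self._link_text.append(data)


def _domain(value):
    """Domain part of an address, or the host of a URL (lowercased)."""
    if "@" in value and "://" not in value:
        return value.rsplit("@", 1)[1].lower()
    return (urlparse(value).hostname or "").lower()


def _same_org(host, allowed):
    return any(host == d or host.endswith("." + d) for d in allowed)


def phishing_indicators(sender, display_name, body_html):
    """Return the warning signs found in one email (empty list means none found)."""
    found = []
    sender_domain = _domain(sender)

    # Warning sign: the sender's address does not fit the brand it claims to be.
    for brand, domains in KNOWN_BRANDS.items():
        if brand in display_name.lower() and not _same_org(sender_domain, domains):
            found.append(f"sender {sender_domain} does not match claimed brand '{brand}'")

    parser = _BodyParser()
    parser.feed(body_html)

    for href, text in parser.links:
        host = _domain(href)
        # Warning sign: shortened links hide the real destination.
        if host in SHORTENERS:
            found.append(f"shortened link {href}")
        # Warning sign: hypertext whose visible text names a different site than its target.
        m = re.search(r"[a-z0-9.-]+\.[a-z]{2,}", text.lower())
        if m and not _same_org(host, {m.group(0)}) and not _same_org(m.group(0), {host}):
            found.append(f"link text '{text}' points to {host}")

    # Warning sign: a large image and minimal text (threshold is an assumption).
    if parser.images and parser.text_chars < 40:
        found.append("image-heavy body with almost no text")

    # Warning sign: asks you to log in, transfer money or review a document.
    if REQUEST_PATTERNS.search(body_html):
        found.append("requests login, payment or document review")

    return found


# Constructed sample emails (not real messages).
SPOOFED = phishing_indicators(
    sender="security@amaz0n-support.xyz",
    display_name="Amazon Customer Care",
    body_html='<img src="cid:banner"><a href="https://bit.ly/abc123">Log in to amazon.co.uk</a>',
)
LEGIT = phishing_indicators(
    sender="newsletter@amazon.co.uk",
    display_name="Amazon",
    body_html="<p>Your order has been dispatched and will arrive on Thursday. "
              "No action is needed from you; track it from your orders page.</p>",
)

if __name__ == "__main__":
    print("spoofed:", SPOOFED)
    print("legit:", LEGIT)
```

A real gateway does far more than this (reputation, authentication results such as SPF and DKIM, attachment scanning), but the point of the example is that each warning sign in the lists above is a concrete, checkable property of the message, and that a hit on several of them at once is what should trigger a report to IT rather than a click.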

How to prevent an attack

Email filtering is your first line of defence. Make sure you have it in place to stop the majority of spam reaching inboxes; it will also pick up malicious code and attachments.

It then goes without saying that educating your teams is of paramount importance. Here are our top tips on how to do this.

  • Teach them what to spot. Share images of malicious emails that are doing the rounds, and alert them if the business is experiencing a high volume of spam
  • Tell them that if they are ever unsure, don’t click! If the request is legitimate, there are other ways of getting in touch
  • Ensure they never enter sensitive details into anything other than your business applications and drives
  • Send a simulated phishing email and monitor the response to identify areas for further training
  • Encourage them to alert your IT department about anything suspicious

If you get caught

As part of your business continuity plan, make sure everyone in your organisation knows what to do in the event of a breach. It’s important to respond quickly.

Staff may be scared to report an incident for fear of reprisal, so it’s very important to tell them that even the most vigilant can get caught. These attacks are sometimes extremely sophisticated and hard to spot. Quick reporting is essential so that action can be taken.

Make sure you have a response plan for every type of incident. It should include immediate containment so no more harm can be done, plus any legal or regulatory responsibilities.

Your response plan should be practised regularly so that you are well versed in what to do if an incident occurs. This will ensure your business can stay operational whilst the situation is being dealt with.

For further advice on business continuity, disaster recovery or cyber security, speak to our friendly team of experts. We’re always here and happy to help and advise on keeping your business up and running.
