Fraudsters disguise their emails to look as though they are coming from a trusted source (like a bank or even from within the company). These phishing emails attempt to trick you and your staff into:
- Clicking on a link to visit an authentic-looking website which will either ask for personal or company details or is infected with malware (software that can harm your computer).
- Opening an attachment disguised as a normal file, like a Word document, but contains malware.
How can I protect our business?
Install a reputable spam filter for all company email accounts. Then, make sure your staff are aware of the guidance below by asking them to complete our short course for employees.
- Never click on attachments or links in emails from unknown sources. If in doubt, contact the person or organisation the email claims to have been sent from through a different channel.
- Take your time with links in emails. Hover your cursor over the link to reveal its true destination, shown in the bottom left corner of your screen. If visiting another organisation's website to sign in, such as your bank, go to the login page by typing the web address directly into your browser rather than following a link.
- Never unsubscribe from phishing emails as the "unsubscribe" link may lead to malware.
- Watch out for emails from hacked accounts of known contacts – check their legitimacy through a phone call or different channel.
- Never reply to email you are unsure of.
Get Safe Online provide further advice on email security.