The average office worker sends and receives around 121 emails every day.
And while that sounds like a lot, what’s even more shocking is that 3 billion phishing emails are sent each day. They account for 1% of all email traffic.
What’s a phishing email? It’s an email sent by cybercriminals that pretends to be from a trusted source, such as your bank, Amazon, or a delivery company.
They’re trying to get you to click on a bad link. Maybe so they can install malware (malicious software) on your computer. Or to fool you into trying to log into a fake website; accidentally giving away your login details.
Your team will probably each receive several phishing emails every week. So, it’s really important they know the warning signs to look out for.
New research has revealed that PayPal was the most spoofed business in all financial phishing emails in 2021, accounting for 37.8% of attacks. Mastercard and American Express followed behind, with 12.2% and 10% share of attacks.
It’s because PayPal is so widely used – it has 392 million active accounts right now – that criminals pretend to be the online payments giant.
With a quick look, a typical phishing email really looks like it has come from a real business.
It will ask the recipient to update their account details or check for unauthorized activity. The email will warn the recipient that someone may have breached their account and it’s possibly been hacked. Ironic, isn’t it?
Phishing is bad for anyone personally. But if hackers get into any business account, the resulting data breach can be devastating.
It’s absolutely vital that you educate all your people on the warning signs to look out for.
First, always check the link you’re being asked to click. Hover your mouse over the link and look at the URL. Does it look suspicious? Is the business name spelled correctly?
Check the address the email has been sent from. Does it look like a standard email address from the business? Or does it seem a little strange?
Look closely at the content of the email too. Emails from scammers will likely contain grammatical mistakes. They might not address you by name, and the layout may look slightly different than a genuine email from that company.
Trust your gut feel. You might feel it’s not quite right but be unable to say why. Don’t ignore that nagging feeling.
If you’re ever unsure, go to your browser and type in the real website address, then log into your account that way.
How protected do you think your business is? Are you certain all members of your team would spot a scam before clicking a link?
We’d love to help you review your data security and cyber-crime awareness training. Get in touch.
Published with permission from Your Tech Updates.