Call us on: 02920 887 362
Insights /

How Avoid Falling Victim to Phishing Email Scams

Phishing Email Scam
Phishing Email Scams

Phishing is when cybercriminals use misleading messages with dangerous links to trick people into downloading harmful software or visiting fake websites. While it started mainly with emails, this approach has now spread to texts, social networks, and phone calls. Phishing is the leading type of cybercrime, with about 3.4 billion spam emails sent daily. 

Phishing emails aren’t a new scam; they’ve been ongoing for decades. However, the latest technologies have made creating clone brand emails easy. With criminals taking advantage of this, the younger generation is getting scammed the most. 

Users aged 18-40, often referred to as Millennials and Gen-Z, are more prone to phishing attacks, making up 23% of the victims, in contrast to the 19% from the 41-55 age bracket, known as Generation X.

How Phishing Email Scams Work 

The message lands in your mailbox and appears from a familiar source. This could be your bank, telephone provider or a well-known organisation. When you open the email, you will see a professional email that again does not raise suspicion. 

You will be prompted to interact with the email. It could be a request for payment on an outstanding invoice or a recommendation to log in to your account. Another key example is an alien request to ‘review your recent purchase’. 

When you click any links in the email, you will usually be asked to log in to your account with the company in question. This is a smokescreen page. You enter your login information, and that’s it – the criminals have your confidential details.

How to Protect Your Business from Phishing Email Scams

In a time where there’s rampant cyber threats, phishing email scams stand out as one of the most destructive. For those at the helm of businesses, IT support, and management, recognising and combating these threats is crucial to safeguard the company, supply chain, and customer data.

Caught Out: Tech Giants Victim of Phishing Email Scams

Even tech giants aren’t immune. In a striking case between 2013 and 2015, a scammer from Lithuania cleverly employed phishing emails to steal over $100 million from tech behemoths Google and Facebook. This incident underscores the gravity and sophistication of phishing threats today.

Phishing Email Scams Example

An example of a phishing email scam for Amazon:

Subject: Urgent: Your Amazon Order Has Been Compromised!

Dear Valued Customer,

We’ve noticed some unusual activity associated with your Amazon account. An order placed within 24 hours seems to have been made from an unrecognised device.

Order Details:

  • Product: Apple iPhone 13 Pro Max 
  • Price: £1,099.97 
  • Shipping Address: [Unknown address]

If you did not make this purchase, please click here immediatelyhttp://amazon-fake-confirm-xyz.com/order-review

Please do not ignore this email. For the security of your account, any unrecognised activities should be addressed within the next 12 hours. 

Best, Amazon Security Team

What to look out for: 

  1. General Greeting: The email addresses the recipient as “Valued Customer” instead of using the customer’s real name, which Amazon would have. 
  1. Urgency: Scammers emphasise the urgency to make recipients act without thinking. 
  1. Suspicious URL: The URL provided doesn’t direct to Amazon’s official website. Always check a link’s URL by hovering over it. 
  1. Unusual Activity Claim: Scammers use the fear of unauthorised transactions to lure victims.

View more phishing email examples or view our Office 365 Phishing Simulator.

Steps to Counteract Phishing Attempts: 

  1. Educate Your Team: Knowledge remains a pivotal defence against phishing. Holding regular training sessions can arm your employees with the skills to identify and sidestep malicious emails. 
  1. Use Advanced Email Filtering with Mimecast: We at Excellence IT proudly partner with Mimecast, an advanced cyber security solution that detects spam and phishing emails. For businesses striving for optimal security, Mimecast comes as our top recommendation. 
  1. Two-Factor Authentication (2FA): Urge the adoption of 2FA across all business applications. This added layer ensures that unauthorised access remains thwarted even if login details are compromised. 
  1. Stay Updated: Keep all software, including antivirus, firewall solutions, and software patches, regularly updated to fend off the latest threats. 
  1. Have a Response Blueprint: A clear and concise response strategy is invaluable if a phishing attack proves successful. This should encompass immediate data-securing actions, transparent communication methods, and defined recovery stages.

Expert Advice on Phishing Email Scams 

Our Cyber Security Expert, Andrew Beer, had this to say on what to do if you receive a phishing email: 

“Be cautious: don’t click on links in suspicious emails. Always check the email address for spelling mistakes. If you’re unsure about a message from a business, it’s best to check their official website or call them directly.”

Conclusion

Phishing email scams have become alarmingly common. These scams aren’t just targeting major corporations; they’re an issue for everyone. Even though millennials have grown up in the thick of the digital revolution, the 25–40-year-olds age group is an attractive target for cybercriminals. 

The good news? Tools like Mimecast offer a layer of protection against these threats, and with the advice from Director of Excellence IT, Andrew Beer, acting with caution can keep us safe from phishing email scams. Remember: 

  • Always be diligent. 
  • Double-check any suspicious emails. 
  • If in doubt, reach out to the company directly.

It’s all about staying informed and vigilant. 

Excellence IT is a cyber security first Managed Service Provider based in South Wales, covering areas such as Newport and Cardiff. If you’re looking to outsource IT or outsource cyber security, fill in the form below.

You might also be interested in:

Cryptojacking is on the rise, and it’s here to stay

Discover how to shield your business from cryptojacking with our expert tips on detection, prevention, and swift response. Stay secure and informed.

Azure Virtual Desktop: Your Office, Anywhere

Embrace the future of work with Azure Virtual Desktop (AVD), a transformation solution offering unparalleled flexibility, security, and cost-efficiency for your IT infrastructure.

IT Support Newsletter: January 2024

A new year, same newsletter. Read all about our first month of 2024 here.