Strategic Group Blog

Everything you need to know about IT and technology

Written by Emily Gam
on May 04, 2017

Just recently it was revealed that both Facebook and Google were victims of a sophisticated phishing attack which stole $100 Million over two years. It’s surprising that two major tech companies could fall for such a scam, but the truth is that phishing is now a big business and the criminals behind it are getting better at it every day.

What is Phishing?

Phishing is when a scammer sends out an email claiming to be from a well-known organisation in an attempt to gather personal and financial information. You typically see these emails come from banks, mail carriers etc.

Several recent phishing campaigns targeting Australians have featured precise replicas of the imitated organisation’s brand design and competent use of English, where the typical fake email might historically have been easier to identify thanks to spelling errors, poor grammar and inconsistent design.

Red Flags

  • Links

Be wary of hyperlinks in emails, even if they look legitimate they could be linking to an entirely different URL.

  • Typos

Bad spelling and grammar can be signs of a scam email, also if the email starts with a generic greeting. However, some phishing emails are getting more sophisticated and targeted so bad spelling may not always be present.

  • Threats

Many phishing emails contain threats or negative consequences if action is not taken. These are usually in the form of account closure or legal action if payment is not made immediately.

  • Sender

Was the sender someone you don’t normally deal with, or was it out of the blue? Never click on links in an email from a sender you don’t know.

How to prevent phishing

It is important to remember that these organisations will never ask for your personal or financial information. If you suspect that an email you received is a phishing scam but you aren’t sure, contact the organisation. Make sure you independently search for their contact info, and don’t use the details provided in the email.

You should ensure your staff are trained and know how to spot a phishing email. Consider conducting phishing tests on your staff and holding regular training.

Remember to always stay vigilant about what links you click and what information you provide. It’s also important to have a working Disaster Recovery Plan in place in case everything goes belly up.

Disaster Recovery Plan Template

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

Tips Security

Cyber Security: What is whaling?

You’ve heard of phishing and how scammers use it along with social engineering tactics to get you to click on a dodgy li...

Tips Productivity

7 tips to get the most out of OneNote

OneNote is a super versatile program that comes with Microsoft Office. It allows you to take quick and easy notes and ke...

Tips Security

EOFY is also a busy time for phishing emails

All year round scammers send out emails claiming to be from big organisations like the ATO, big banks and even services ...