Strategic Group Blog

Everything you need to know about IT and technology

close
Written by Emily Gam
on May 04, 2017

Just recently it was revealed that both Facebook and Google were victims of a sophisticated phishing attack which stole $100 Million over two years. It’s surprising that two major tech companies could fall for such a scam, but the truth is that phishing is now a big business and the criminals behind it are getting better at it every day.

What is Phishing?

Phishing is when a scammer sends out an email claiming to be from a well-known organisation in an attempt to gather personal and financial information. You typically see these emails come from banks, mail carriers etc.

Several recent phishing campaigns targeting Australians have featured precise replicas of the imitated organisation’s brand design and competent use of English, where the typical fake email might historically have been easier to identify thanks to spelling errors, poor grammar and inconsistent design.

Red Flags

  • Links

Be wary of hyperlinks in emails, even if they look legitimate they could be linking to an entirely different URL.

  • Typos

Bad spelling and grammar can be signs of a scam email, also if the email starts with a generic greeting. However, some phishing emails are getting more sophisticated and targeted so bad spelling may not always be present.

  • Threats

Many phishing emails contain threats or negative consequences if action is not taken. These are usually in the form of account closure or legal action if payment is not made immediately.

  • Sender

Was the sender someone you don’t normally deal with, or was it out of the blue? Never click on links in an email from a sender you don’t know.

How to prevent phishing

It is important to remember that these organisations will never ask for your personal or financial information. If you suspect that an email you received is a phishing scam but you aren’t sure, contact the organisation. Make sure you independently search for their contact info, and don’t use the details provided in the email.

You should ensure your staff are trained and know how to spot a phishing email. Consider conducting phishing tests on your staff and holding regular training.

Remember to always stay vigilant about what links you click and what information you provide. It’s also important to have a working Disaster Recovery Plan in place in case everything goes belly up.

Disaster Recovery Plan Template

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:

Tips Security

No Place Like Home: Ensuring Cybersecurity for SMEs in the Remote Work Revolution

The rise of remote work in today's business environment creates unique opportunities, but also significant challenges fo...

Tips Security

Building a Phishing-Proof Business

With their alarming simplicity and devastating effectiveness, phishing attacks continue to pose a significant threat to ...

Tips

Social Engineering Red Flags - What to look out for

Hackers and scammers are getting more sophisticated, gone are the days of the laughable Prince of Nigeria scams, now sca...