Phishing Emails- How to Detect Them and Avoid Being Scammed

Scammers, hackers and cyber security attackers use phishing emails, in which they pose as someone they are not, for financial gain. This allows them to steal sensitive information or deliver dangerous malware. This is usually done by including a link that will appear to take the victim to the fake company’s website to fill-in valuable details, which can then be used by the attacker for their benefit, or by including an attachment that is designed to infect your device with malware. This article will go in-depth into how to spot suspicious messages and what to do if you've already responded to the malicious email.

Rank Your Domain is committed to protecting our clients from cyber-crime. We will share relevant information on any potential threats that are emerging in the current climate.

COVID Cyber Security Threats

Microsoft recently warned customers about an ongoing COVID-19 themed phishing campaign, that installs the NetSupport Manager remote administration tool¹, which allows remote access to the compromised machines. There are many more of these scams happening throughout the world where fraudsters, often posing as health-related organizations, can manipulate the victim into downloading malicious macros. This allows them to steal any cryptocurrency wallets the victim may have, access sites without the user’s password and more.

How to Recognise a Phishing Email

Despite fraudulent phishing emails often being updated or changed, their tactics are very similar. Knowing what information is valuable to the fraudster is an important step in protecting yourself. Therefore, be wary of any emails or messages that ask you to give your login details and other sensitive information that could grant access to your email, bank, or other accounts.

Another aspect to watch out for is the story that the email is trying to sell. This could be anything from reasons why you must confirm some personal information, links to make an alleged payment to registering for a refund (usually from the government). Calling to verify the information claimed by the email is the best option to avoid giving your details into the wrong hands. You can also look for signs such as:

• How personal is the email? If it doesn’t contain your name, even though it’s allegedly sent by a company you are registered with, makes it suspicious.
• Did you receive previous emails from this company? How do they compare?
• Is it using urgency or emotion in a manipulative way?
• To further reduce the risk of receiving phishing emails, make sure you update software automatically or as soon as possible and use high-quality security programs.

How to Respond To a Phishing Email

If you suspect you have received a phishing email, it’s very important not to open any links or attachments that were sent with it. If you aren’t sure if the email is legit, then contact the company the email was allegedly sent from using a phone number or website you know is real. Avoid using the contact information within the suspected phishing email.

If you have received an email, which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk.

If you opened a link from a suspected phishing email, you should take these steps:

• Disconnect from the internet
• Change your passwords
• Contact your bank or company that you have lost your security from
• If you received the message on a work laptop or phone, contact your IT department
• Update your security programs and run a test
• Set up a Fraud alert
• Backup your files

Brits are losing millions of pounds every year to phishing attacks². During this crisis, it is paramount to be especially careful of any Coronavirus-related emails that you may receive and to not open any attachments. If you would like to find out more on cyber security contact Rank Your Domain.