In 2021, nearly 18% of brand phishing emails impersonated Amazon, with DHL, DocuSign and PayPal also popular.
What is a phishing email?
It’s an email sent by cyber attackers, designed to trick recipients into unknowingly sharing sensitive or personal data with them. Phishing attempts are constantly evolving and becoming more sophisticated, which can make them harder to identify. Since lockdown, phishing emails about parcel deliveries have become much more common, because restrictions limited people’s ability to go out.
Top 5 ways to spot a phishing email
- Look at the sender’s name and email address – does either contain spelling mistakes, or characters you haven’t seen in previous emails received from the company or person?
- Is the email subject something you would expect to receive an email about?
- Are you being asked to share personal information by clicking on a link in the email? For example, a bank never asks for any personal information such as your PIN.
- Poor language and formatting – for example, unfamiliar greetings, spelling mistakes, varying font styles and sizes
- Suspicious attachments or ‘too good to be true’ offers in an email – these are designed to make you click on links that allow the attacker to steal your information
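The sender check in the first point can also be automated where mail is filtered. The following is an added example, not part of the original article: it flags From headers whose display name or domain imitates one of the brands named at the top of this page. The one-domain-per-brand allowlist, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Brands named in the article. One sending domain per brand is an assumption
# made for this example; a real allowlist would hold every domain a brand uses.
BRANDS = {"amazon": "amazon.com", "dhl": "dhl.com",
          "docusign": "docusign.com", "paypal": "paypal.com"}

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[len(b)]

def check_sender(from_header):
    """Return the reasons a From header looks like brand impersonation."""
    display, address = parseaddr(from_header)
    if "@" not in address:
        return ["no parsable sender address"]
    domain = address.rpartition("@")[2].lower()
    labels = domain.split(".")
    name = labels[-2:][0]          # label left of the TLD
    base = ".".join(labels[-2:])   # naive registered domain (ignores co.uk-style suffixes)
    reasons = []
    # Characters not seen in the genuine sender's domain (homoglyphs, punycode).
    if not domain.isascii() or any(l.startswith("xn--") for l in labels):
        reasons.append("non-ASCII or punycode characters in domain")
    for brand, legit in BRANDS.items():
        # The name shown to the reader claims a brand the address does not belong to.
        if brand in display.lower() and base != legit:
            reasons.append(f"display name says {brand} but domain is {base}")
        # Misspelt brand: close to the real name but not identical.
        limit = 1 if len(brand) <= 4 else 2   # short names need a tighter limit
        if 0 < edit_distance(name, brand) <= limit:
            reasons.append(f"domain label {name!r} is a near-miss of {brand}")
    return reasons

# Constructed sample headers (not taken from real messages).
SAMPLES = ["Amazon <no-reply@amazon.com>",
           "PayPal <service@paypa1.example>",
           "Amazon <orders@amaz\u043en.example>",   # Cyrillic 'o' in the domain
           "DHL Express <tracking@parcel-updates.example>"]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header) or "no findings")
```

An empty result only means none of these three checks fired; the other points in the list still apply.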
How can you safeguard against phishing?
It’s crucial that cyber security as a wider topic is prioritised and valued by the C-suite and directors in every company, with good practice visible to the rest of the business.
Carrying out training for all staff, and ensuring it’s regularly updated, is the best way to protect your business against phishing attacks.
Demonstrating the ways in which everyone in your business can help protect against phishing attacks is crucial. Showing staff how their specific roles are impacted by phishing attacks helps people understand how and why they can help to keep the business they work in safe.