Stay vigilant when it comes to online communication. If you receive a message or email from an unfamiliar sender, it’s best to exercise caution and avoid opening it. Take a moment to verify the sender’s identity and the legitimacy of the message. Look out for any misspellings in the sender’s name or company details, and be wary of unusual links or attachments. Remember, it’s better to be safe than sorry. Consider these eye-opening phishing statistics:
- Small and mid-size businesses suffer substantial losses, with an average of $1.6 million spent on recovering from phishing attacks.
- Shockingly, over 70% of phishing emails successfully entice their targets into opening them.
- The alarming pace of cybercrime is evident as a new phishing site emerges on the internet every 20 seconds (dataprot, 2023)
Understanding Phishing
Phishing is when bad actors send fake messages that seem to be from trusted sources, like your bank or a payment website. They do this through emails, texts, or instant messages. Their goal? To trick you into giving away your personal info, like passwords or credit card numbers.
Here are some ways to recognise a phishing email
- First time or infrequent senders
- Spelling and bad grammar
- Generic greetings
- Mismatched email domain e.g. nodespay.vip or nod3spay.com. Always be watchful for very subtle misspellings of the real domain.
- Suspicious links or unexpected attachments
- (support.microsoft.com, 2023)
Here are some tricks attackers might use in their messages
- They might claim there’s been suspicious activity on your account, even if there hasn’t.
- They might say there’s a problem with your account or payment info, when there isn’t.
- They might ask for your personal or financial details, even though they shouldn’t.
- They might send you an invoice, link, or attachment that looks strange or unfamiliar—it’s probably fake.
- They might try to get you to click on a link to make a payment, but it’s a scam.
- They might offer you a discount or free stuff, but it’s not real. (Source: consumer.ftc.gov, 2023)
Email is the most common way they do this. Another way is by creating fake websites. These scammers might make a fake website or app, or they might put ads on a real company’s website to lead you to theirs. It doesn’t matter if you’re a small business owner, an online shopper, or a CEO—you could still be their next target.
How to Stay Safe from Phishing
- Use security software to keep your company safe.
- Make sure your phone updates its software automatically.
- Add extra security to your accounts with multi-factor authentication.
- Keep your data safe by backing it up regularly.
- Don’t click on any links or attachments in messages you’re not sure about.
- Delete or report any messages that seem suspicious or from unknown sources.
- Add spam filters to your email.
- Never email personal or financial information without proper security protocols.
- Do not respond to messages seeking personal information via email.
- Call the sender directly to verify if a message you received is legitimate.
- Check that the website you are visiting is secure. Look for a lock icon or an address that begins with “https:” indicating that the site is secure.
As more people use online banking and mobile payments, phishing attacks will likely become more common. Always be careful about where messages come from. If you think you’ve been scammed, act fast: change your passwords and report it right away.
