Can you spot a phishing email?

Email, Security


Phishing emails are on the rise and it seems that not a day goes by without hearing or reading reports of new types of scam in the press. While some may have the attitude that they would never fall for a phishing email, it is worth keeping in mind that these emails are now more sophisticated and believable than ever before. Many businesses and individuals alike are falling for them, even those who would consider themselves to be switched on and technically literate.

Many businesses, from giants such as Google, to start-ups, have lost money to phishing emails in recent times – no one is immune.

What is a phishing email?

A phishing email is a tactic that fraudsters use to get people to reveal bank details or send funds. While we may all have laughed in the past about promises of ‘sharing a lottery win’ or ‘getting a share of a large estate’, phishing emails now are more likely to look and sound as though they are from a colleague or supplier.

Some signs are easy to spot, such as differing from and reply to addresses, slight grammatical errors, or even an address that is very similar to someone you know, but not quite. As a general rule of thumb, if you are even slightly suspicious, double-check!

Common tactics in phishing emails

In addition to using fake business email addresses designed to look like someone you know, fraudsters will often use phishing emails conveying a sense of urgency, to make you think that if you don’t comply, you will be in trouble of some kind.

For example, it might be an email that appears to be from a regular supplier, saying you must pay an overdue invoice now or risk being blacklisted. Or it could appear to be from HMRC, saying you are overdue on a corporation tax payment.

Another tactic that fraudsters will use is to pretend that their phone is broken or they are locked out of their usual email address, so always be vigilant if something appears to come from someone you know, but is asking you to communicate with them in an unusual way.

Popular scams

Popular scams from phishing emails include fake invoices that look very real and plausible, tax alerts which scare users into thinking they have not correctly paid tax and even scams involving house purchases, where scammers send emails that appear to come from your solicitor so you end up transferring funds to a fraudster.

How you can defend yourself

While it is true that scammers are becoming ever more sophisticated, there are things you can do to protect yourself. Never accept an invoice from an unknown business email, even it does appear to be from someone you know. The same goes for opening attachments – if in doubt, don’t!

Make sure everyone in your business knows and understands this. Make it company policy that all invoices need to be signed off by at least two people. Also make sure that everyone knows that if they are in any doubt, it is always better to check – then check again!