For pretty much as long as email has existed, scam emails have also existed – you could say it’s the Joker/ Batman relationship of the digital world. However, as time goes on and scammers become ever sneakier in their pursuit of ill-gotten riches, it’s becoming harder to spot when something is amiss.
With the National Cyber Security Centre (NCSC) reporting a rise in online threats during the current pandemic accompanied by a shift to homeworking often creating new cyber security vulnerabilities for businesses, it’s even more important than ever that you’ve not only got a high level of security in place, but that both you and your employees know exactly what to look for to verify an email’s legitimacy.
So, how can you tell if an email is a scam?
What is the content of the email?
These are the things the NCSC also recommend looking out for:
Cyber criminals want to con you into acting without thinking, if it says you only have a few hours to respond, or makes you feel panic – this is a real red flag.
If you feel like you’re being guilt-tripped into donating money to a cause and it’s causing a strong emotional response, it might not be genuine. If it’s a cause you might genuinely like to contribute to, do some research, find a website, have a look for legitimate social media, and donate directly to the charity rather than via the email you have received.
To add to the ‘panic’ element, scammers often pretend to be someone who has authority in order to give themselves a false air of credibility. If your email is from a Doctor, Lawyer, Accountant, boss, or anyone else in a position of power, definitely be cautious and look at other elements of the email too in order to discern whether or not it’s legitimate.
Missed out on tickets to the sporting event of the century? If tickets are scarce and you receive an email offering you tickets, it’s probably a case of ‘if it’s too good to be true, then it probably is’. Scammers will often play on the fear of missing out to get a response before you’ve truly thought about it.
The ‘event of the moment’ is the Covid-19 pandemic sweeping the globe and there are scams aplenty taking advantage of people’s fear on this. Fake test and trace emails asking people to enter card details to book and pay for a Covid test are plentiful, which is really awful, but scammers aren’t best known for the quality of their moral compasses.
Who is it from?
Phishing, is probably the most prevalent form of dodgy email. This is because the scammer is literally fishing your information. They’re dropping the bait into as many inboxes as possible in the hope that a certain number of recipients will take the bait.
At the moment with the global increase in online shopping, there are absolutely loads of emails pretending to be Amazon, Paypal, DPD, eBay etc , sending emails about missed parcels or restricted accounts in the hope that you’ll click on their link and fill in some details that they can then exploit for their own gain.
Clinking on a link may also download malicious software onto your device, so it’s always good to pause for thought before doing so!
When you receive an email, check to see who it’s from. If it says ‘Amazon’ at the top of the email, hover your cursor over and see what email address it’s actually from. If it’s from something like ‘firstname.lastname@example.org’ and not an ‘email@example.com’ email address, you’re safe to delete, and not worry about your account at all.
It might be that you’re reading this post, thinking ‘I would never fall for that!’, but the reality is that most scams in some way thrive off of trying to create a sense of panic or urgency. If you read it on an off day when you’re already a bit stressed, you might carry out an action first, and think about it later.
With so much information about companies being in the public domain, it’s really easy for scammers to ‘spoof’ email. This means your team could receive an email which appears to be from your email address, but it isn’t actually you.
There have been cases where an employee in accounts has read an email from their boss asking them to transfer some money into a different account, carried out the request, and lost the business a lot of money as a result.
Although this is a hard one to spot just by looking at the email itself, if you or your staff getting an email from anyone making a similar request, it’s a great idea to pick up the phone to the sender and double check the request is from them.
Don’t become a statistic!
In the Cyber Security Breaches Survey: 2020 46% of business between March 2019 and March 2020 reported having identified security breaches or attacks. Those are only from the businesses surveyed, and breaches which have been identified, so it’s safe to assume that’s a conservative number.
If you’d like us to take a look at your current email security and suggest ways you can improve it, or you’ve received an email and you’re still not entirely sure whether or not it’s a scam – please get in touch. Just give us a call on 01373 768024 or forward your query to firstname.lastname@example.org
We’re here to make sure you don’t experience easily preventable security breaches and end up in the above numbers next year!