Even WE as a GDPR Business Get Targeted by Scammers

Phishing Scams

Phishing scams have been around for years, and while many people are aware of them, they continue to become more prevalent and dangerous, especially with the increasing use of technology and social media.

They’ve also become much more sophisticated in recent years and now target businesses and their employees. These scams are called “spear-phishing” and are particularly dangerous because they are specifically targeted at individuals, and often appear to come from someone a person knows, such as their boss or a Head of Chambers.

These phishing emails often ask the targeted individual to provide sensitive information such as login credentials, account numbers or even just their WhatsApp number. The email may claim to be from someone ‘higher up’ in the business: the “CEO” may ask their “employee” to download an attachment or click on a link, which could install malware on their computer.

Just recently, we ourselves were targeted…

Our very own Marketing Manager, Chantal, received an email from Briefed’s CEO, Orlagh, which appeared a little suspicious. Coincidentally this occurred a day after Chantal had shared her new job role on LinkedIn. Discussing it with us, Chantal stated that

“It looked a little unusual from the get-go, the email appeared from Orlagh, but it was someone else’s email address which was obviously a red flag. While I knew Orlagh wasn’t attending a conference that day, she had been the day before in Birmingham which she posted about on LinkedIn – it just goes to show you how savvy these scammers are getting. Fortunately, I had just completed the GDPR training a few weeks prior, so the content was still front of mind.”

Have a look at the email below:

Image of a spear phishing scam example

What to look out for in phishing scams?

  • Suspicious hyperlinks (don’t click on any links or attachments before verifying their legitimacy)
  • Misspellings
  • A fake email address
  • Unusual characters in email addresses
  • Incorrect grammar
  • Vague or unusual requests from the person who sent it
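
Two of the indicators above, a colleague's name shown on somebody else's address and unusual characters in the address, can also be checked automatically at the mail gateway or in a reporting tool. The Python below is an added example, not part of the original article; the staff directory, names, addresses and indicator codes are constructed assumptions.

```python
import unicodedata
from email import message_from_string, policy

# Constructed directory (assumption): normalised display name -> real address.
KNOWN_SENDERS = {"jane doe": "jane.doe@corp.example"}

def normalise(name):
    """Fold case, Unicode compatibility forms and extra spaces."""
    return " ".join(unicodedata.normalize("NFKC", name).casefold().split())

def check_sender(raw_message, directory=KNOWN_SENDERS):
    """Return indicator codes for the From header of one raw message."""
    # policy.default also decodes RFC 2047 encoded display names.
    msg = message_from_string(raw_message, policy=policy.default)
    header = msg["From"]
    if header is None or not header.addresses:
        return ["no-parsable-from"]
    sender = header.addresses[0]
    address = sender.addr_spec.lower()
    findings = []
    # Indicator: a colleague's name on somebody else's address.
    expected = directory.get(normalise(sender.display_name))
    if expected is not None and address != expected:
        findings.append("display-name-mismatch")
    # Indicator: unusual characters (raw non-ASCII or punycode labels).
    labels = sender.domain.lower().split(".")
    if not address.isascii() or any(l.startswith("xn--") for l in labels):
        findings.append("unusual-characters")
    return findings

# Constructed sample messages, not taken from the page.
SPOOFED = ('From: "Jane Doe" <office.mail77@freemail.example>\n'
           "To: new.hire@corp.example\nSubject: Quick favour\n\n"
           "I'm in a conference. Send me your WhatsApp number.\n")
GENUINE = ("From: Jane Doe <jane.doe@corp.example>\n"
           "To: new.hire@corp.example\nSubject: Welcome\n\nHi!\n")

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(label, check_sender(raw))
```

A check like this only covers the From header; vague or unusual requests in the body still need a person to verify them through another channel.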

What are the consequences?

Data Theft: The attackers may trick the victims into revealing their passwords. Moreover, if you use the same email and password combination across multiple accounts, a scammer can easily gain access to them all.

Financial Loss: If they gain access to financial data, they may steal money from your account.

Legal Action: A data breach caused by a phishing email could result in a significant fine for your company, as well as damage to the company’s reputation.

With the rise of phishing emails, it’s more important than ever to be vigilant and take steps to protect yourself. Always double check an email if something just doesn’t feel right.

In conclusion, it’s vital for organisations to educate their employees about the risks of these phishing attacks and how to recognise them, so they’re continually on guard. Teams should also be made aware that their social media posts, e.g. celebrating a new job or attending an event, may well be used against them.

