Phishing, viruses and ransomware are some of the most common attacks aimed at organisations of all sizes, with phishing emails proving the most successful. In a Government survey published in April 2019, 80% of business and 81% of charities reported that they had received fraudulent emails or directed to fraudulent websites.
Cyber Security Breaches Survey 2019, Department for Digital, Culture, Media and Sport
So what are the easiest ways to spot a phishing attack?
- Take a close look at the senders email address. Is there a subtle difference to the ending of the address to the typical .co.uk or .com endings? For example .cn, .tv, .modi.
- Misspelling – keep an eye out for typos, particularly double letters within the email address.
- Name extensions – hackers also like to use name extensions within the email address, commonly hypens or double words. For example, if the phishing attempt was from a bank the then the email may look like mybank-billing.co.uk.
- Spelling mistakes – usually within the body of the email you may see spelling and grammar errors. Look out for things like double full stops.
- Subject line – often hackers will try and create a sense of urgency to grab the readers attention and encourage you to open the email.
- Triggering an emotional response – another common techniquies cyber criminals use is to try and trigger a negitive response from the recipient. Something that may even be threatening or look to make the person angry, excited or curious.
- Familiarity – phishing attempts may often be from a company you know but may not have purchased from. A classic example of this is invoicing. An email that contains a call to action that says “Did not authorise this purchase? Please click this link” is a common technique.
Cyber security Awareness Training
Empower your staff with the knowledge to recognise and defend against phishing attacks with security awareness training from Falanx Cyber.
READ NEXT: Rob Shapland, Head of Cyber Awareness discussing ethical hacking on BBC Breakfast
About Falanx Cyber
Falanx Cyber puts enterprise-class cyber security services within reach of every organisation. We identify areas of cyber risk threatening the integrity of your business and provide complete end-to-end managed cyber security services to alleviate those risks. Combining proactive managed detection and response services with penetration testing, incident response and consultancy.