Keep your business safe – How to recognise phishing scams
Whilst you can do everything feasible to avoid phishing scams, it’s not always possible to keep your business safe. After all, no one can account for human error 100% of the time. This means that you need to prepare your business to deal with these scams. Your staff must know how to recognise them and once identified, you can notify your insurance adviser as well as government resources such as the ACCC and help keep other businesses cyber-safe.
Tell-tale signs of phishing scams
A frequent tactic involves emails that claim to be from a company your business regularly deals with, asking you to verify your company’s details. Unsuspecting employees are easily duped into thinking that it’s a genuine request, which is why these phishing scams are so successful.
So it takes no stretch of the imagination to realise that preparing your business to deal with social engineering fraud should be an important part of employee training. Here are a few of the signs that help employees recognise scam emails.
Incorrect domain names
Staff should check that the sender’s email address matches the name of the company. For example, if the email is apparently from Microsoft, then the sender’s email should include Microsoft as part of the sender’s address. It’s not always that easy, however, because phishing scams often use subtle misspellings in the domain name that can escape a cursory examination.
Another issue is that legitimate companies often use a variety of email variations of their domain names, relating to different departments. For example, a web design company might have different emails that include the words ‘support’, ‘hosting’ or ‘accounts’ to ensure that your response arrives at the correct department.
To keep your business cyber-safe, compare the sender’s email with previous emails received from that company. You can also call them using a number not taken from the email and confirm that the email is genuine.
Sense of urgency
Another aspect of phishing emails is that they promote a sense of urgency. They want you to click on or download an attachment immediately or your business will be penalised. This is a common trick used in phishing scams to make you panic and act before you check whether the email is genuine or not.
Poor spelling and grammar
Another tell-tale sign of social engineering fraud is poor spelling and grammar. With these emails being sent from all around the world, many contain spelling and grammatical errors. Some scammers use translation software to try and overcome this problem but mistakes are still made and can be picked up by employees with good literary skills.
Emails that are not personalised and are sent with a generic greeting are often from scammers. In today’s world, any B2B company can identify the correct person to contact in another company. So always consider these emails suspicious until proven otherwise.
If you’ve received an email from a new address or an address that hasn’t been used for a long time it’s worth further investigation. It could be a scam, so to keep your business safe, always make the necessary checks.
Business Insurance Brokers
Whilst identifying phishing scams helps keep your business cyber-safe, these scammers are successful because they are very clever. Some scams inevitably slip through the net which is when cyber insurance becomes so important. With the right type of cyber insurance, you can manage your liability and protect your business even if the worst happens.
To explore the benefits of cyber insurance for your business, contact HMD Insurance to discuss your needs further.
This communication including any weblinks or attachments is for information purposes only. It is not a recommendation or opinion, your personal or individual objectives, financial situation or needs have not been taken into account. This communication is not intended to constitute personal advice. This type of insurance product is designed for small and large businesses, that want to be covered against financial loss relating to accidents or personal injury involving contractors or sub-contractors.
We strongly recommend that you consider the suitability of this information, in respect of your objectives, financial situation and needs before acting on it. This document is also not a Product Disclosure Statement (PDS) or a policy wording, nor is it a summary of a particular product’s features or terms of any insurance product. If you are interested in discussing this information or acquiring an insurance product, you should contact your insurance adviser to obtain and carefully consider any relevant PDS or policy wording before deciding whether to purchase any insurance product.