What is a Phishing Email?
Phishing emails are a form of social engineering technique used to trick people into giving their personal or financial information to third parties. They are usually sent with the purpose of stealing money, identities and data. They may also be used to insert malware onto a computer.
Do You Know What to Look for?
Phishing emails are notoriously difficult to detect, especially if the person or organisation sending them is skilled in what they’re doing. To avoid getting caught out by one of these scams, you need to know what they look like and what you should look for when checking your inbox. How can you avoid being scammed by a phishing email?
Always check the sender’s email address before opening any email.
Do you know them?
Think Before You Click!
Check any web links in an email carefully before clicking them.
If you do click a link, look for the lock.
Web browsers show a lock icon for legitimate secured web pages. Some browsers may even say, “Not secure”. You should never log into any site that doesn’t have a lock icon.
Watch out for typos and grammatical errors, especially in the “Subject” field of the email.
This is often a clear indication that the email isn’t genuine. Genuine emails from reputable companies will often use professional spell checks and/or proof-readers before publishing.
Never provide personal information to an unsolicited caller or emailer.
Be cautious about requests for your passwords, billing information, or any sensitive company data, etc.
If you receive an email claiming to be from your bank asking you to verify your information, close the email and go to the bank website directly.
Emails threatening a negative consequence or loss of opportunity unless urgent action is taken, are often phishing emails.
The sender wants you to panic and rush to action before you have had the chance to look for potential flaws or inconsistencies.
Remember, good cyber security is vital in protecting your personal and company data.
Ensuring the security and robustness of your systems and your staff training is key to avoiding systems breaches and complying with your GDPR and Information Commissioner Office obligations as a data controller and processor.