Phishing Awareness

Protect your business from Cyber threats by being phishing aware – here’s everything you need to know

Request a callback

Steps to identifying phishing emails

Below are the 8 most important elements to check when you receive a suspicious email into your inbox.
Make sure you are familiar with all of them because if you receive an email with even one of them in it, the chances are it is a cyber security threat and you must NOT click or action it in any way, other than to report it.

Phishing Awareness Scam 2 Thumbnail Identifying a fake email address Clickbait subject How the email addresses the recipient Vague or generic content An unnecessary sense of urgency Malicious URLs Inconsistencies in spelling and layout Email signature
Download How to Spot a Phishing Email Guide

What is a Phishing Attack and why are they dangerous?

Examples of Phishing Emails

Scroll through some of the latest cyber attacks and make sure you are phishing aware:

Download How to Spot a Phishing Email Guide

Types of Phishing Scams

When being phishing aware, it is good to know that there are different types of phishing scams. We have outlined the main ones you should be familiar with before they happen to you, or your colleague.

GDPR Scams

Even after the implementation of GDPR, email campaigns asking users to accept a new mandatory privacy policy due to changes in legislation as a result of GDPR, are still prevalent. Clicking on the URL provided, however, prompted recipients to submit personal data including financial and account details.

Whaling Scams

This is a relatively new type of phishing email that specifically uses board meetings as an email topic to target C level executives. The email will appear to come from the CEO and will ask board members to reschedule the meeting via a link in the email. Once this is clicked, you have opened the door to your credentials for the hackers. The email may even have a subject headline or content that appears to be unique or specific to your business.

Tax Scams

HMRC scams are often used to bait phishing victims, taking the form of a promised rebate if the recipient completes a tax refund request. Clicking through to the website, which also looks legitimate, reveals a form asking for personal details in addition to bank account details.

Tax Scams

HMRC scams are often used to bait phishing victims, taking the form of a promised rebate if the recipient completes a tax refund request. Clicking through to the website, which also looks legitimate, reveals a form asking for personal details in addition to bank account details.

Sextortion Scams

One of the more prevalent phishing scams, sextortion sees criminals sending out emails claiming to have recordings of the recipient watching pornographic content. To give authenticity to the threat, a criminal might send a previous password of the recipient’s, acquired from a past data breach, but claiming it to be a recent hack.

Banking Scams

One perennial phishing scam comes from an email stating that a bank transaction was rejected. The victim, fearing a fraudulent transaction has been made in their name, will click on the link provided in the phishing message and leave their data vulnerable in the process.

Lottery Scams

The idea of winning the lottery is an appealing thought to most. As such, lottery phishing is popular. Offering the ability to ‘claim your prize’, lottery phishing emails typically request your name, address, bank account details, or PayPal information. Fraudsters can then sell this information on the dark web.

Child Porn Phishing Attack

This currently circulating phishing campaign is particularly dangerous – not only does the email manufacture a malicious, damaging, and costly extortion attempt by implicating the victim with possession of child pornography, but it also contains links potentially riddled with malware.

Weaponised Attachments Scams

A particularly dangerous phishing attack, cyber criminals have been able to weaponise PDF attachments. Once opened, the XML within the attachment runs a script, bypassing security and granting the attacker remote access to the recipient’s infected PC.