Hook, Line, and Cyber Sinker: Let’s Discuss Phishing Emails

Introduction

Email phishing scams have become the notorious bait used by cybercriminals to hook unsuspecting individuals and businesses. It’s a quirky world where deception knows no bounds. But don’t fret – we’ve got your back! In this blog, we’ll dive into the murky waters of phishing emails, exploring what they are, common scams in the UK, common targeted businesses, ways of identifying phishing emails and steps to prepare, prevent, or handle a phishing attack.

What is a Phishing Email?

Phishing emails are fraudulent messages that appear legitimate, often mimicking reputable businesses. For example – emails claiming that your Amazon Prime membership has expired, or emails pretending to be Royal Mail and asking you to pay for postage on a parcel due to be delivered to you.

Cybercriminals use phishing emails to trick recipients into revealing sensitive information, such as passwords, credit card details, and personal data. These emails may prompt you to click on malicious links, download attachments, or divulge confidential information.

Common Phishing Scams in the UK

Phishing scams in the UK come in various forms, including fake bank notifications, HMRC tax refund claims, parcel delivery issues, and more. These scams prey on people’s trust and curiosity, making them susceptible to falling for the bait.

Microsoft Phishing Scams:

Sender Impersonation: Cybercriminals often send emails that appear to come from Microsoft or its various services like Outlook, OneDrive, or Microsoft 365. They may use a domain name similar to Microsoft’s, making it challenging to distinguish from the real thing.

Requests for Verification: The phishing emails may claim that your Microsoft account is at risk, or that your password needs updating, and that you need to verify your identity or update your account information. They’ll typically ask you to click on a link to a fake login page and enter your credentials. In the above example, if you were to hover over the portal link, you would see that the URL is not a Microsoft site.

Suspicious Attachments: Attachments within these emails may contain malware or viruses, posing a threat to your system.

Microsoft is a popular target because so many individuals and businesses rely on its services.

Royal Mail Phishing Scams:

Sender Impersonation: Scammers may send emails that appear to be from Royal Mail, claiming issues with a parcel delivery. These emails can look convincing, often including the Royal Mail logo and branding.

Delivery Redirection: The email may ask you to click on a link to “track” your parcel or “resolve” a delivery issue. This link could lead to a fake website where you’re asked to enter personal and financial information.

Royal Mail phishing scams are particularly prevalent in the UK, especially during peak shopping seasons such as now, ahead of the festive season, or global events, such as the COVID-19 pandemic, which saw a surge in delivery-related scams.

Amazon Phishing Scams:

Sender Impersonation: Scammers may impersonate Amazon or Amazon Prime in their emails, using similar branding and logos to make the email appear legitimate.

Fake Order Confirmations or Account Issues: These emails often claim you’ve made a purchase on Amazon and ask you to verify your account or payment details by clicking on a link. Or, like the example above – they may claim that your account details/payment information requires updating. You can see in the above image, the sender email address does not look like a legitimate Amazon address.

Suspicious Attachments: Some emails may include attachments purportedly containing invoices or order confirmations that actually contain malware.

Amazon phishing scams are quite common, given the popularity of the platform. The frequency may increase during holiday shopping seasons or special sales events such as black Friday,

Types of Businesses Targeted

Cybercriminals don’t discriminate – businesses of all sizes can be targets. However, small and medium-sized enterprises (SMEs) often lack the robust cybersecurity measures that larger businesses may have in place. Phishing attacks on SMEs can result in data breaches, financial losses, and damage to their reputation.

Spotting a Phishing Email

Phishing emails can be convincing, but they often contain subtle signs that give them away. To protect yourself and your business, it’s important to be vigilant and train your employees to recognise the following red flags:

Check the Sender’s Email Address:

Look closely at the sender’s email address. Phishing emails often use slightly altered or fake addresses that mimic legitimate businesses. Verify that the domain matches the official website of the supposed sender.

Be wary of email addresses with strange combinations of numbers, letters, or symbols. Legitimate companies typically use professional and consistent email addresses.

Generic Greetings:

Phishing emails often start with generic greetings like “Dear User” or “Hello Customer” instead of addressing you by name. Legitimate companies usually personalise their emails with your name.

Urgent or Threatening Language:

Phishing emails often create a sense of urgency or fear to pressure you into taking immediate action. Watch out for phrases like “Your account will be suspended” or “Immediate action required.”

Spelling and Grammar Errors:

Many phishing emails contain spelling and grammar mistakes. While reputable companies proofread their messages, scammers may not pay as much attention to detail.

Suspicious Links:

Hover your mouse over any links in the email without clicking on them. A tooltip should show the actual web address the link leads to. If it looks suspicious or doesn’t match the official website, it’s likely a phishing attempt.

Be cautious of links that use URL shorteners, as they can conceal the true destination.

Email Content:

Be sceptical of unexpected emails that ask you to provide sensitive information, such as login credentials, credit card numbers, or personal details. Legitimate companies typically don’t request such information via email.

Watch out for unsolicited attachments or downloads, as they may contain malware. Only open attachments from trusted sources.

Look for Mismatched Logos and Branding:

Phishing emails may include logos and branding that don’t quite match the official ones. Pay attention to any visual discrepancies.

Verify Contact Information:

If you’re unsure about the authenticity of an email, don’t use the contact details provided in the message. Instead, go to the official website of the organisation and find their contact information to verify the request.

Check the Signature:

Legitimate emails often include the sender’s full name, position, and contact details in the email signature. Phishing emails may lack this information or contain incomplete signatures.

Trust Your Gut:

If an email seems too good to be true or raises suspicions, trust your instincts. It’s better to be overly cautious and investigate further than to fall victim to a phishing attack.

So, now we know what a phishing email is, what some of the common phishing emails may look like and how to do your best to spot a phishing email, let’s have a look at how we can prevent these attacks from harming us, our business or our devices –

 Use Security Software:

Implement strong email filtering and antivirus software. These tools can help identify and block phishing emails before they reach your inbox.

By staying vigilant and educating your employees about these warning signs, you can significantly reduce the risk of falling for phishing scams. Encourage a culture of cybersecurity awareness within your organization to protect your business and its data. Our IT support team can help you decide what level of security would be best and can support you in implementing any changes.

Preparing Your Workers For Phishing Scams

Training your employees to recognise and report phishing emails is crucial. Conduct regular cybersecurity awareness training to keep them informed about the latest tactics used by cybercriminals. Ensure that your team knows who to contact if they suspect a phishing attempt.

Preventing Phishing Attacks

Implement robust email filtering, spam detection, and antivirus software. Encourage the use of strong, unique passwords for every account, and enable multi-factor authentication. Regularly update software and systems to patch vulnerabilities that cybercriminals may exploit. You can read more about Multi-Factor Authentication, or MFA, on our previous blog.

Responding to Phishing Attacks

In case an employee falls for a phishing scam, have an incident response plan in place. Isolate the compromised system, change passwords, and report the incident to the appropriate authorities. Communicate the breach to affected parties and provide guidance on protecting their data.

Conclusion

In the world of email phishing, the line between real and fake can be razor thin. But with the right knowledge, vigilance, and cybersecurity measures, you can navigate these waters with confidence. Stay informed, train your team, and bolster your defences to outsmart cybercriminals and protect your business from the lure of phishing emails.

If you’re on the search for reliable IT support, we would be delighted to hear from you.

Testimonials

Abbie McCahill

“As a small team, time at work can be quite precious so when there’s a glitch with a laptop or a computer, it can really be a nightmare. Prior to us having sfG Software to support us, if one of the laptops was playing up, I’d invariably get asked to look at it and the downtime involved would usually be significant. Now, we pay sfG a very reasonable monthly retainer and if anything goes wrong with any of our equipment, we’re all safe in the knowledge that we can pick up the phone to or raise a ticket with one of the experienced engineers and the problem will be sorted out with minimal disruption. I really wouldn’t hesitate to recommend sfG to any customers or associates and I’m really grateful to have sfG Software as an extended arm of our team! Thanks again for supporting us so well!”

Abbie McCahill, Managing Director
Adder Business Ltd, Inverness

Tony Lister

“Having just signed up to get sfG Software to look after our IT needs, I wanted to thank you and your team for what has been an exceptional onboarding process. Andy is a good listener and has very quickly helped increase our understanding of the benefits of Office 365 and helped set up our systems to work more effectively. We have already agreed a gameplan for further improvements and are delighted with his expertise and knowledge. We are confident that as our company expands, we have the right people in place to look after our systems and would happily recommend sfG Software to anyone wanting assistance with their IT needs. We look forward to working with sfG Software for many years to come.”

Tony Lister, Director
Hamish Homes, Inverness

Stewart Nicol

“We’re delighted with all aspects of the service we receive from all of the sfG team. The Helpdesk are particularly responsive to any requests we make of them and we’re kept well up to date on how the service is performing for us. It’s good to be able to endorse someone who is doing a great job for us. Keep up the good work!”

Stewart Nicol, Chief Executive
Inverness Chamber of Commerce

Highland Hospice

“Your response was great including the swift site response and working through the situation to resolution. You clearly identified the fault, where the issue was and put future mitigations in place. All this reinforces our confidence in sfG providing IT support to the Hospice.”

Highland Hospice

Scott Anderson

“Can I also take this opportunity to say that every time we deal with sfG we are always impressed at the speedy, helpful and efficient response we get. In this post-covid day and age I am finding it increasingly difficult to find suppliers who live up to their word, but sfG always deliver.”

Scott Anderson
Masson Cairns Solicitors and Estate Agents

Freda Newton

“I am often reluctant to give references in case it all goes wrong but I have to say that the support from sfG has been the best that we have had and I feel that our systems are much more robust and professional having listened to their advice.”

Freda Newton, Managing Director
Jacobite Cruises, Inverness

Louise Allen

“We started working with sfG in December 2011. We had been used to a very personal and responsive service from a sole trader, but we had outgrown this service and went out to tender. sfG won the tender convincingly, offering a blend of the personal approach we’d been used to and the capabilities and expertise of a bigger organisation.

We had a number of network issues that needed to be addressed, and we completed these within the first year of our partnership with sfG. They guided us through this work and achieved a good balance between letting us get on with what we could do for ourselves and stepping in to help. This allowed us to keep costs to a minimum, whilst ensuring that the work was carried out efficiently and effectively, with minimum disruption to the business.

They have been generous with their knowledge and we are developing our own competency through working in partnership with them. They provide us with an ongoing monthly support service, through which they carry out regular monthly updates and monitoring remotely.

On the occasions we have needed advice or attention on site, they have responded in a timely manner, appropriate to the severity of the problem. Our network is now much more robust and our support costs are predictable and well managed. We have found all the members of the sfG team a pleasure to work with.”

Louise Allen, Finance and Administration Manager
Eden Court, Inverness

Scott Murray

“We have been working with sfG for a number of years now, and have found their service to be attentive and efficient. Nothing is too much hassle, and if they can’t do something they are happy to make a recommendation for someone who can. Their pricing is great and, unlike some companies, we have never had a bill for “extras” that weren’t discussed before a project. All in all, a great bunch of guys to work with.”

Scott Murray, Managing Director
Cru Holdings

David Brookfield

“My experience of IT support companies was that they were broadly all the same and all very mediocre. Since moving our business to sfG I have changed my view entirely.

The changeover from our previous providers was seamless and since then the support we have received has been excellent. The personnel at sfG are very easy to speak to. We receive almost instant responses to our needs and help is provided even if the issue isn’t directly within their remit.

We are kept up to date with our usage and spend via the monthly activity reports which provide excellent statistics for our Board and all at a very competitive price. sfG are certainly a cut above the norm in the IT Support industry.”

David Brookfield, Head of Finance and IT
Centred

Mike Ayres

“sfG have provided IT support services to HighWater since 2011. The broad range of technical capabilities provided by their patient and dedicated support staff ensures that they are always able to respond to our needs in a timely and efficient manner. The accurate data provided by their support desk system ensures that they are able to provide HighWater with a tailored, cost-effective IT support package designed to suit the size and complexity of our company. sfG’s staff have gone above and beyond the level of support that I have typically experienced from other companies when we have had unforeseen out-of-hours IT problems. In summary, I couldn’t recommend them highly enough!”

Mike Ayres, Managing Director
Highwater

Dan Rose-Bristow

“We have used sfG now since 2015 and have always found the service to be friendly and professional. They cover periodic maintenance, ad hoc issues as well as upgrade installations. They often work with 3rd party suppliers and always facilitate any issues that this can bring. sfG look after our Office 365, server and networking, PC maintenance, switches and access points, wireless infrastructure, EPOS hardware and cyber security. I would highly recommend them as a business to work with and we appreciate the service they provide for us”

Dan Rose-Bristow, Owner
The Torridon

Sarah Fowler

“We’re a small charity that has muddled by without any formal IT support for many years, with frustrations and glitches ever growing! Our IT had really started to hold us back and interfere with our day to day work. It took around a year from us initially contacting sfG for us to finally take the leap and enter into an SLA. During that time they were incredibly patient, understanding and always happy to answer any questions we had. We’ve now made the move to Office 365, supported by sfG every step of the way. There’s lots still to do but they’re happy to work with us, at a pace that suits the team, so everyone can get used to changes gradually and avoid any additional pressures. I have no hesitation in reccommending sfG.”

Sarah Fowler, Chief Officer
Chip+

Jennifer MacLeod

“We were delighted to find sfG. After many years of various IT companies, we are now in a stable position with all our IT standardised. sfG staff are so helpful and efficient, always at the end of the phone to help. No issue too big or too small, always happy to help.”

Jennifer MacLeod
Stòras Uibhist

John Gell

“It’s invaluable having the team at sfG only a phone call away. Any PC-related issues are resolved quickly and with a minimum of intrusion, while server maintenance is carried out remotely as a background operation. I can’t recommend them highly enough”

John Gell, Director
Simply Let

Sarah Woodcock

“HSPC have been working with sfG for over a year, in that year sfG have helped create a new database for the business, this has made an incredible difference to work efficacy. All work processes are improved. The cost was very competitive too. sfG now also provide ongoing IT support for HSPC, this too has been faultless – round the clock friendly affordable expertise; this means we can focus on what we do best and not have to get tied up with anything when any IT problems arise, the numbers of problems are also much reduced because they set the system up well in the first place and have all the security and back up in place. We are delighted we chose sfG”

Sarah Woodcock, Manager
HSPC (Highland Solicitors Property Centre), Inverness

Ian Nicoll

“You certainly seem to be the best of the IT people we have used so far.”

Ian Nicoll
Qmulus Ltd, Inverness

Brenda Dunthorne

“sfG have provided us with IT support for a number of years and we are always very pleased with their response time and the outcome of their advice. In addition sfG have supported us in some complex bespoke software developments which demonstrated their skills and determination to achieve the desired outcome. The sfG staff are always very polite and a pleasure to work with.”

Brenda Dunthorne, Director
In Your Element

Ed Ley-Wilson

“The differences, so far, between your service and our previous experiences over the last twelve years, are firstly that you provide a proactive service and secondly you do what you say you are going to do. So far, this is certainly setting sfG apart from the ‘others'”

Ed Ley-Wilson
Leah Ley-Wilson Recruitment, Inverness-shire

Charlie Bullock

“sfG gives us far more than any other IT provider would have done. We feel in control of everything, from service levels to performance to monthly costs. It is easy for us to log and track issues, problems are solved quickly and the costs are kept low.”

Charlie Bullock, Operations Director
Aquascot Ltd, Alness, Ross-shire

Sarah Mackay

“Appointing sfG has been a wise business move for us at Canonbury Interiors. Now sfG handle all our IT issues, we are free to focus on our clients and what we do best.”

Sarah Mackay, Managing Director
Canonbury Interiors

Paul Wood

“We’ve been using sfG software for many years now for our back-office, server and IT support. Their fast, knowledgeable and reliable service has ensured IT failures and niggling computer problems are all, fortunately, a thing of the past!”

Paul Wood, Managing Director
West Highland Publishing Company

Audrey Hogan

“sfG deals very efficiently with all our IT requirements. It’s a pleasure to deal with such a friendly company.”

Audrey Hogan, Director
Caley Cruisers, Inverness

Rod Michie

“sfG Software were the only company in the Highlands that could provide us with 7 day a week cover, which is essential for our business. They have completely updated our systems and have constantly impressed us with how responsive, professional and helpful they are.”

Rod Michie, Director
Jacobite Cruises, Inverness

Stephen Gibson

“In short, we are absolutely delighted with the service provided by sfG and I would strongly recommend them for your own business.

sfG also made us aware of a programme offering donated technology products to UK charities from partners such as Microsoft and Cisco. Using our charity status we were able to purchase software licences and other products at a staggering discount, literally saving us £ thousands. You could say that this saving alone has paid for our IT support service for the next 2 or 3 years!”

Stephen Gibson, Financial Controller
The Shirlie Project, Inverness & Fort William

Dave McLaughlin

“As with most modern businesses we have become totally dependent on IT systems in all areas. Any break in service has a direct cost impact. We have been working with sfG for many years and their support is critical to our business. I would highly recommend their professional service.”

Dave McLaughlin, Managing Director,
Shandwick Supply Co

Daniel Murdoch

“We have been with sfG for just over a year now and their customer service has been first class from the first minute.  Initially, we probably weren’t their ideal client as we were just starting out, however during the first year of a business, the last thing you want to be worrying about is IT.  With a number of new employees and systems coming in throughout the year, sfG have been on top of all our needs and requirements.  Their response to any issue or query is within minutes and any issues which do arise are resolved well within their SLAs.  Their charging structure is very fair which sees us never overpaying for support which we don’t require or use throughout the year.  The team are all very friendly, personable and are quick to come and see us in person if required.”

Daniel Murdoch, Financial Planner
57 North Financial Planning

Bruce Farrell

“Without the help and support from sfG, I would still be staring at a screen now scratching my head.
The support they offer is above and beyond normal.
Extremely friendly staff, very understanding.
We required a specific bit of work done for our company and Andy was extremely helpful and did work behind the scenes that was outstanding.

The work he did will now save us hours of work.”

Bruce Farrell, Rope Access Technical Authority
Ethos Inspection Solutions