Since the COVID-19 outbreak has pushed more people to rely on emails, phishing attacks have had a significant resurgence, capitalising on people’s panic and even imitating government emails to increase the chances of catching out unsuspecting readers.

WHAT IS PHISHING AND SMISHING?

Phishing attacks usually rely on duping victims into assuming an email is from a well-known brand, financial institution, or any other company that would typically require you to give them your personal or financial information. To put it into perspective, over £1.2 billion was stolen through identity theft in 2018, with phishing being a major source of personal information to leverage in these crimes.

These could be from your bank, insurer, social media platform or a high-value service or retailer, like Paypal or Apple, for example. Once the personal details are sent to the ‘phisher’ will use them to take out loans or other forms of identity theft and even sell your email address on to other criminal organisations for their own endeavours.

Smishing is very similar but uses your SMS service instead of email. These can be even harder to recognise, given that there’s far fewer visual indications that a text message may be malicious and any unrequested text message that provides an external link should be taken with an incredibly large grain of salt.

If you can see that ‘Search the web and Windows’ bar at the bottom of your computer, you’re on Windows 10. If you can’t, chances are you’re on Windows 7.

TYPICAL PHISHING/SMISHING INDICATORS

• Misspellings & bad grammar
• Urgent requests and those that mention COVID-19
• Asking for you to confirm your personal information
• Different name on signature compared to the email address it was sent form
• Attachments you have not previously requested

ARE PHISHING ATTACKS REALLY THAT SERIOUS?

Falling victim to identity theft can have significant knock-on effects, especially on finances and credit ratings, as well as destroying a victim’s online presence and ability to access accounts and services like social media, video streaming and gaming services to name but a few.

And that’s not to mention the effect on a business! With 82% of firms having experienced downtime as the result of an email attack, the financial implications can be severe, especially considering GDPR fines that could equate to 4% of a business’ global revenue, if the business’ cybersecurity protections are found to be severely lacking.

But, as long as you don’t type anything in, you’re safe, right? … Not quite.

As technology and software have progressed significantly in the last couple of decades, it’s pretty easy for these types of emails to add malicious software (Malware) that secretly installs itself on your computer and hides in the background.

This could mean that simply clicking a link or downloading the images within the email could put your computer and personal details at risk until the malware is identified and removed.

HOW CAN I STOP PHISHING EMAILS?

Pretty much all ISPs and email providers have some form of internal email vetting system to limit the number of phishing emails you receive. In fact, Google prevented 18 million COVID-related phishing attacks from hitting inboxes in just 7 days! But these cybercriminal’s strategies (and the quality of their emails) have become much higher in recent years and some will always squeeze through these protections. While anti-virus software provides robust tools to stop attacks and prevent them from spreading through a business’ network, they can be costly to deploy.

As these attacks rely on human error, education is another great way to reduce your risk. Periodic training to keep staff informed on new strategies and instilling a culture that quickly identifies these attacks and informs the rest of the company (to ensure no one else falls victim) are two of the most significant methods of reducing risk.

The best way to protect yourself and your business is to partner with an expert, one that can manage your security and network performance to ensure you’ve always got the most secure and speedy connectivity possible. Here at MINT, we’ve got over 20 years’ experience in protecting our customers’ online presence and our managed services and technology ensure your team can concentrate on the task at hand. So, if you’re based in the Midlands and need an idea of how you can shore up your online security, get in touch or call 01384 887733 to find out how we can help and maybe even save you money too.