As we continue to move through 2020, the pandemic shows no signs of disappearing anytime soon. With that, cyber criminals are continuing to take advantage of vulnerable people through various different forms of cyber attacks. In fact, a recent study showed that 5.2 million people in the UK have fallen victim to scams during the coronavirus pandemic. One of the more common forms of this are through phishing emails.
To provide some context, phishing scams are attempts by scammers into tricking individuals to give out their personal details, such as bank account details, credit card numbers and passwords.
But you might be asking, how are people falling victim to phishing emails? Well, cyber criminals send emails claiming to be from legitimate organisations, presenting information regarding the pandemic. With the overwhelming fear surrounding coronavirus, the constant changes to the rules and the amount of news coverage, it is easy to become a victim to the ploys of cyber criminals when they exploit fears using this deadly virus.
So, what should you be looking out for in phishing emails to stay safe?
A coronavirus-themed email may ask you for you to provide login details to any NHS or government related websites, such as your HMRC services account. Alternatively, they may ask for you to provide debit card details to order yourself a COVID-19 home test kit
Legitimate government and public service sectors will never ask for this kind of personal information over email, therefore never respond to these types of emails and mark the sender as spam.
If you hover your mouse over any links in an email, after a couple of seconds the links full address will appear. Sometimes, it is obvious that the website linked in the email is a fake, but other times, the links can look very similar to the legitimate website.
In this case, look at the sender’s email address. If the address does not look similar to what the company emails look like, then it is more than likely fake.
For example, if you have been in touch with a legitimate contact from the government prior and their email address is firstname.lastname@example.org, then you know that if you receive an email from email@example.com, then you know that the email is not from the same organisation.
Similar to malicious links and dodgy email senders, a phishing email may attach files, in which the sender is asking for you to download a file attached. Now, this may be a PDF, a word document or a .exe file. Make sure that you only ever download a file from someone that you know/trust or if you are confident that the email is from the same organisation.
Remember, if at any point you are unsure, visit the organisation’s website and either email or ring the company with the details that they provide.
Phishing emails will try to scare you into thinking that you need to do something as soon as possible, as scammers like to enlist fear into their receivers to make them reply, download or click a link without fully considering the possible threats.
For a COVID-19 related phishing email, you may receive something along the line of: ‘URGENT – Coronavirus testing kits running low on stock. Order now!’
Firstly, coronavirus testing kits from the government are free, therefore you never need to pay. But most importantly, if something was urgent like, like this above email, then the government themselves would have announced something like this on the news. Take a minute to think about the email, who it is from, what links are attached and if it is likely that an email like this would be sent out by the company in question.
A well-established business will never have poor spelling and grammar, especially the NHS and government, as they need to maintain their level of professionalism. This is one of the more common signs of a phishing email. Hackers usually do this so that they can add a sense of “human” touch to the emails, making people take their attention away from the malicious links and files and instead focus on an incorrect spelling caused by human error.
Phishing emails can be easily to spot if you know what you are looking for. If you are slightly unsure or worried about an email being sent to you, and you don’t know who it is from, delete it or get in touch with the company directly from their website.
You should never put yourself at risk of falling victim to a phishing attack, especially with anything COVID-19 related. Don’t let hackers instil fear through the form of emails.
Did you know that with Citadel’s Hosted Desktop, we set up a spam filter for your emails to protect your business against cyber attacks? By doing this, you clear up the clutter in your email inbox and decrease the chances of being hacked or scammed. Plus, you can view your spam inbox at any point to check the validity of the filtered emails.
Here is an example of how we have helped one of our customers to reduce the number of spam emails coming through to their company from 16th September to 16th October. Out of a total of 21,800 emails, 23% of these were filtered out as spam, in which nearly 10% of these were spam attacks. We have managed to help our customers to filter out the clutter in their email boxes, as well as protecting them from incoming phishing emails.