In April 2020, Google reported that it blocks over 18 million scam emails related to COVID 19 daily! When we take other scam emails into consideration, this adds up to over 100 million phishing emails per day! Cybercriminals are certainly taking advantage of the pandemic, especially as people are now working from home, or outside of the office.
Currently, there are over 3.9 billion active email users in the world. Needless to say, hackers have a large pool of potential victims. Even before the COVID crisis, cybersecurity experts Mimecast had found a 145% increase in cyberattacks from October to December 2019 alone. During the pandemic, this numbers exploded; Barracuda Networks reported a 667% increase in malicious phishing attacks since the start of the pandemic.
Do you know how to identify and handle email scams that want to infiltrate your business? Let us start by understanding the different types of scam tactics cybercriminals use.
Types of email scams
There are several ways cybercriminals will try to breach your network through email. Here are the most common forms of email scams you’ll come across:
- Phishing – Phishing is a type of social engineering where fraudsters trick their victims into handing over their credentials. They do this by pretending to be people or companies you trust.For instance, you might receive an email from what appears to be your bank. They claim that your account’s been compromised, so you need to change your password. This seems legitimate so you click on the link to reset your password and create a new one. However, the link actually leads to a fake website the cybercriminal’s created. So, when you enter your existing credentials, they receive this information and use it against you.
- Spam – Spam emails are one of the oldest tricks in the book. These mostly consist of “get rich quick” schemes, hoax charity pleas, or chain emails.The good news is today’s technology has enabled most email providers to filter these spam emails out. However, the odd spam email may make it through, so be sure to stay vigilant.
- Whaling – This type of email scam is when the fraudster masquerades as a C-level executive or another person of authority. Because employees trust these names, they’re more willing to fulfil requests made by these emails.In most cases, these scammers ask their victims to make payments to a third-party bank account. This is done through fake invoices.
- Spoofing – This is a more complicated type of email scam. Here, cybercriminals essentially hijack or forge an existing and legitimate email address. This sometimes allows scam emails to bypass the spam email filter.
What to look for in scam emails
Even though email filters prevent some of them, spam and scam emails do make it into email inboxes successfully. Thankfully, there are ways to recognise these, so you do not fall victim to them. Here are a few things to look out for:
- Different email addresses and names – With spam emails, it will be very obvious that the email addresses and sender names are not quite correct, making them easy to spot. However, with more sophisticated phishing attempts, you will have to look closer.For instance, the scammer may have substituted a lowercase L with a capital I. This is a red flag, as it indicates the sender is trying to imitate someone else.
- Poor spelling and grammar – Scam emails are carefully crafted to target the most vulnerable people. So, cybercriminals will purposely misspell words and have poor grammar in spam emails. Or this might be the case if the scammer is not a native English speaker.Well-known companies have reputations to uphold, so you will not ever see glaring mistakes in their emails.
- Strange authentication details- Spoofed emails will have the wrong authentication details.To check this, click on the header and look at the “mailed-by,” “signed-by,” and “encryption” details. These should all have a name that is identical to the sender name.
- Fake signature – Scammers will also take care to fake signatures. This might include attaching images that appear legitimate.
How to prevent email scams from happening
Now you know how to recognise email scams. Here are some other ways to prevent email scams from being successful.
- Employee education – The most important way you can prevent email scams from happening is with employee education. You could have a dedicated cyber security expert or hire an I.T consultant to come up with a training strategy and plan to best tackle the cybercrimes.A cyber security expert can educate your employees about cyber hygiene and good digital practices. This can include strong password practises and avoiding opening emails when they don’t know the sender.
Not only can they teach your employees about all the latest email scams, but they can also perform random tests.
- Robust antivirus and firewall – Should anything get past your employees, you need a safety net. Having a robust antivirus program and firewall can help catch anything that might infiltrate your network.Make sure your antivirus software is installed on all devices and that it’s always updated promptly.
Microsoft 365’s new feature for cybersecurity
One of the best cloud suites to use for work is Microsoft 365. It helps keep users safe by detecting and blocking suspected spam in Outlook.
In addition, there is a new feature coming out soon called Tenant. This is a portal where employers can run training and simulate phishing attempts to see how well their employees can identify potential threats. Considering how users are your first line of defence when it comes to cybersecurity, this can be key in prevent malicious emails from being successful.
Protect your business by taking action
Do not delay in putting this information into action. Cybercriminals are always looking for ways to take advantage of your network vulnerabilities, so every minute that goes by is another chance for them to penetrate your defences.
As I.T experts, we provide virtual C.T.O services where we work closely with your business to understand the potential vulnerabilities in your systems and provide you with strategies to overcome them. We also provide customised support to ensure that you make the most your I.T resources. Get in touch with us at firstname.lastname@example.org to understand more!