Don’t open a message or email if you don’t recognise the sender’s name. When browsing online or checking your email, you should always be careful. Do you recognise the company? Is the company’s name spelled correctly? Is there an unusual link or attachment? It is better to be cautious than hasty. Here are a few shocking Phishing Statistics:

• Small and mid-size businesses lose an average of $1.6 million recovering from a phishing attack.
• More than 70% of phishing emails are opened by their targets.
• A new phishing site is created on the internet every 20 seconds.
• (dataprot, 2023).

What is Phishing?

According to Cisco, phishing attacks are “the practice of sending fraudulent communications that appear to come from a reputable source”. The attacker will send the victim an email, instant message, or text message to steal user data, login credentials, credit card numbers or personal information. The phishing email or text message will look very similar to a trustworthy source or company e.g. bank, payment website or utility company.

Here are some ways to recognise a phishing email:

• First time or infrequent senders
• Spelling and bad grammar
• Generic greetings
• Mismatched email domain e.g. transwap.vip or tran3wap.com. Always be watchful for very subtle misspellings of the real domain.
• Suspicious links or unexpected attachments
• (support.microsoft.com, 2023)

Here are some common attack messages:

• They’ve noticed some suspicious activity or log-in attempts on your account — they haven’t.
• Claim there’s a problem with your account or payment information — there isn’t.
• You need to confirm some personal or financial information — you don’t.
• An invoice, link or attachment you don’t recognise — it’s fake.
• Want you to click on a link to make a payment — it’s a scam.
• Offer a discount or coupon for free stuff — it’s not real.
• (consumer.ftc.gov, 2023)

Email remains the number one method.  Another common phishing attack is fake websites. These attackers often fake a website, app or buy ads in a reputable company’s site so they can redirect victims on to their own website. Whether you are a small business owner, online shopper or CEO, you can be a phishers’ next target.

How to Protect Yourself from Phishing Attacks:

1. Protect your company by using security software.

2. Protect your phone by setting software to update automatically.

3. Protect your accounts by using multi-factor authentication.

4. Protect your data by backing it up.

5. Never click on any links or attachments in suspicious emails or texts.

6. Report or delete unknown and suspicious messages.

As online banking services and mobile payments continue to increase, so will the prevalence and quality of phishing attacks. Remember to always double check the message source. If you happen to think you’ve been scammed, you must act quickly. Immediately change the passwords on your accounts and report the scam right away.