Yes, yes, I know, you will probably tell me that you can easily spot an email threat. I don’t doubt you one bit! But with email attacks on the rise, this ‘probably’ simply isn’t enough anymore! And the reality is that cybercriminals are definitely taking advantage as we move further into the pandemic and adjust to this new normal – especially since people are partly working from home or outside of the office!
Here’s the thing. There are over 3.9 billion active email users in the world, which unfortunately gives these hackers a large plethora of victims to fish from! In fact, it is reported that there has been a 667% increase in malicious phishing attacks during the pandemic alone. Imagine that! And the scary part is that some of these hackers like to target the vulnerable group – think of your parents or grandparents, they are the ones who are unfortunately more likely to fall victim to such hacks.
But first things first, what are the most common types of email scams you might most likely come across?
Types of email scams
Phishing
Phishing is a type of social engineering where fraudsters trick their victims into handing over their credentials. They do this by pretending to be people or companies you trust.
For instance, you might receive an email from what appears to be your bank. They claim that your account’s been compromised, so you need to change your password. This seems legitimate so you click on the link to reset your password and create a new one.
However, the link actually leads to a fake website the cybercriminal’s created. So, when you enter your existing credentials, they receive this information and use it against you!
Spam
Spam emails are one of the oldest tricks in the book. These mostly consist of “get rich quick” schemes, hoax charity pleas, or chain emails. The good news is, today’s technology has enabled most email providers to filter these spam emails out. However, this is not 100% fool-proof – the odd spam email may still be able to make its way through, so be sure to stay alert and vigilant to any of such emails!
Whaling
This type of email scam is when the fraudster masquerades as a C-level executive or another person of authority. Because employees trust these names, they’re more willing to fulfil requests made by these emails. In most cases, these scammers ask their victims to make payments to a third-party bank account. This is done through fake invoices.
Spoofing
This is a more complicated type of email scam. Here, cybercriminals essentially hijack or forge an existing and legitimate email address. This sometimes allows scam emails to bypass the spam email filter.
But how do you identify these scam emails?
Well, there are many ways you can identify a scam email, but here are 4 of the top ones!
Different email addresses and names
With spam emails, it’ll be very obvious that the email addresses and sender names are not quite correct, making them easy to spot. However, with more sophisticated phishing attempts, you’ll have to look closer. For instance, the scammer may have substituted a lowercase L with a capital I. This is a red flag, as it indicates the sender is trying to imitate someone else.
Poor spelling and grammar
Scam emails are carefully crafted to target the most vulnerable people. So cybercriminals will purposely misspell words and have poor grammar in spam emails. Or this might be the case if the scammer is not a native English speaker.
But do remember that well-known companies have reputations to uphold, so you won’t ever see such glaring and jarring mistakes in their emails.
Strange authentication details
Spoofed emails will have the wrong authentication details. To check this, click on the header and look at the “mailed-by,” “signed-by,” and “encryption” details. These should all have a name that’s identical to the sender name.
Fake signature
Scammers will also take care to fake signatures. This might include attaching images that appear legitimate.
So how do you prevent email scams from happening?
Now you know how to recognise email scams. But the question now is, how do you prevent these email scams from happening?
Robust antivirus and firewall
Should anything get past your employees, you need a safety net. Having a robust antivirus program and firewall can help catch anything that might infiltrate your network. Make sure your antivirus software is installed on all devices and that it’s always updated promptly. You can also outsource a managed service provider to get the assurance that your systems and devices are always up to date and secure!
Use reliable Email Service Providers such as Microsoft 365
Use a reliable and established email service provider, such as Microsoft 365, as these come with additional options and features to enhance email security. It helps keep users safe by detecting and blocking suspected spam in Outlook.
Employee education and awareness
The most important way you can prevent email scams from happening is with employee education. A chief security officer (CSO) can come up with a training strategy and plan to best tackle your cybersecurity.
Alternatively, you can invest in a robust cybersecurity awareness training by a managed service provider such as eVantage Technology. eVantage Technology is an experienced Managed Service Provider that adopts Security into the core of our business.
The eVantage Technology Cyber Security Awareness Training Program is an easy-to-follow cyclical process which delivers an effective cyber security awareness program to your staff, offering a complete solution to test, train, measure and mitigate human risk. Our Fully Managed Cyber Security Awareness Training Program will allow you to provide an effective and engaging security awareness training to your staff and leave everything to us. We will help you administer and run everything, from your regular phishing simulations based off real-world scenarios, to processing and reporting the data.
Want to find a fully managed cyber security awareness training plan that best works for your company? Find out more here, or click the green button below to contact us today!
eVantage Technology is a professional and trusted IT solutions provider, dedicated to providing exceptional service to companies in Singapore and across Asia.