As we are seeing a rise in phishing, it is crucial for business owners to understand that the courts and police can sometimes be powerless to help you if your business is scammed out of money.
There was a case recently where a business tried to sue an employee to recover costs after the employee unwittingly paid over thousands to a fraudster who had duped her by email. The fraudster promptly removed the funds, which proved untraceable.
This is not the first time, and will not be the last, that an employer has tried to sue an employee on the grounds that they had a duty to exercise reasonable competence and care. Whether the employee is really at fault can depend on their position, knowledge and experience. For example, if a junior employee is left holding the fort and under pressure, it would be unjust to have them shoulder the blame for a substantial liability, and you would probably lose your case.
As we are seeing these phishing attempts becoming slicker, it is important to exercise caution. Your employees should all be aware of the main things to look out for, explained below.
- The message is sent from a public domain like @gmail.com. Any legitimate email should come from the organisation itself.
- Check for misspellings, as we can easily be tricked into glancing over email addresses without seeing them for what they are.
- The email can contain poor spelling and grammar. Many scams come from non-English-speaking countries where there is limited opportunity to learn the language.
- The email can include suspicious attachments or links, which may be an infected attachment or a bogus website requesting sensitive information.
- If the message creates a sense of urgency, like "act now" or a piece of important news, it's better to check before acting on something that may be false.
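Several of the checks in this list can be partly automated as a first filter before a person looks at the message. The Python sketch below is an added example, not part of the original article; the organisation domain (example.com), the provider list, the urgency phrases and the sample messages are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration: own domain, public providers, urgency phrases.
ORG_DOMAIN = "example.com"
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com"}
URGENCY = re.compile(r"\b(act now|urgent|immediately|today)\b", re.I)
LINK_HOST = re.compile(r"https?://([^/\s>\"']+)", re.I)

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_ours(host):
    host = host.lower()
    return host == ORG_DOMAIN or host.endswith("." + ORG_DOMAIN)

def phishing_flags(raw):
    """Return the warning signs from the list that one raw message shows."""
    msg = message_from_string(raw)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    flags = []
    if domain in PUBLIC_DOMAINS:
        flags.append("public-domain")
    elif not is_ours(domain) and edit_distance(domain, ORG_DOMAIN) <= 2:
        flags.append("lookalike-domain")
    parts = [p for p in msg.walk() if not p.is_multipart()]
    text = msg.get("Subject", "") + " " + " ".join(
        p.get_payload() for p in parts if p.get_content_type() == "text/plain")
    if URGENCY.search(text):
        flags.append("urgency")
    if any(not is_ours(h) for h in LINK_HOST.findall(text)):
        flags.append("external-link")
    if any(p.get_filename() for p in parts):
        flags.append("attachment")
    return flags

# Constructed sample messages (not real mail).
LOOKALIKE = ("From: Managing Director <md@examp1e.com>\nSubject: Invoice\n\n"
             "Please act now: http://pay.example.net/inv\n")
GENUINE = ("From: Accounts <accounts@example.com>\nSubject: Minutes\n\n"
           "See https://intranet.example.com/minutes\n")
FREEMAIL = "From: MD <md.office@gmail.com>\nSubject: Favour\n\nAre you free?\n"
```

A flag here is a prompt to verify the request through another channel, not proof of fraud; a message with no flags can still be malicious.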
Darren Auchnie, IT Hotdesk’s Cyber Security subject matter professional, commented: “Most of the above is common sense to most people, but phishing attempts are becoming more sophisticated. There has been a case recently when the MD’s email address was cloned and accurately displayed on the screen, which most employees would not question, and they would probably action the email without a thought! Be careful.”
The best course of action is to make sure your systems and protocols are robust and to properly train your staff on phishing attempts, so they are aware of the tricks that might mislead them.
Here at IT Hotdesk we can provide interactive phishing simulation & security awareness training along with advanced, multi-layered email security. If you wish to talk to us about email security, please give us a phone on 01224 511611 to speak to one of our cyber security professionals.