In a business age dominated by the internet, it’s no surprise that fledgling startups and SMEs are frequently conned by net-savvy phishers. Here’s how to prevent your business from being scammed by a carefully-hatched phishing mail.
In the past, phishing emails would lure prospective marks into submitting details on a legitimate-looking website and so get all their banking login details. Nowadays, cybercriminals try to fool you into clicking a malicious link or downloading an infected file by using business-focused subject lines that look like the real thing. In fact, sometimes, the only difference between the legitimate version of the email and the phished version is the malicious link itself.
If you receive an email containing any of the subject lines below, chances are it’s a less-than-kosher attempt to steal your personal information.
Top five subject lines contained in phishing emails
- Invitation to connect on LinkedIn
- Mail delivery failed: returning message to sender
- Dear (bank name) Customer
- Comunicazione importante (important communication in Italian)
- Undelivered Mail Returned to Sender
How to stop your business from being scammed
The best way to avoid being scammed is to avoid opening emails with these subject lines altogether. If you don’t know the sender personally, it’s not worth placing your business at risk. You can always check your LinkedIn invitation on the website directly when you sign in; your bank is highly unlikely to send you an email; and an undelivered message is not the end of the world – you can always check your outbox or resend important messages if you need to.
If you do click on the email and open it, try not to click on any link or attachment if you’re suspicious about the origins of the email. Once opened, a legitimate, “undelivered mail” message will contain a time stamp and the original email you sent – if your original email is not immediately visible, close the email immediately and report it as spam or phishing.
Today’s Scammers use social networks to conduct their research, so make sure you have stringent privacy setting for who can see your timeline, pics and information – and don’t befriend people you don’t know. Scammers set up fake accounts that look totally real.
If you visit a website from an email and you are asked to supply your name, address, banking information, password, or any other personal information, it’s likely to be a scam. Install comprehensive security software and make sure you update it regularly.
Top 10 countries where phishing URLs originated from (2013)
- United States
- United Kingdom
- Hong Kong