SMEs: Here’s how to avoid phishing emails

In a business age dominated by the internet, it’s no surprise that fledgling startups and SMEs are frequently conned by net-savvy phishers. Here’s how to prevent your business from being scammed by a carefully-hatched phishing mail.

SMEs and startups are often the victims of malicious phishing attacks. photo credit: Stian Eikeland via photopin cc

In the past, phishing emails would lure prospective marks into submitting details on a legitimate-looking website, handing over all their banking login details. Nowadays, cybercriminals try to fool you into clicking a malicious link or downloading an infected file by using business-focused subject lines that look like the real thing. In fact, sometimes the only difference between the legitimate version of the email and the phished version is the malicious link itself.

If you receive an email containing any of the subject lines below, chances are it’s a less-than-kosher attempt to steal your personal information.

Top five subject lines contained in phishing emails

  1. Invitation to connect on LinkedIn
  2. Mail delivery failed: returning message to sender
  3. Dear (bank name) Customer
  4. Comunicazione importante (important communication in Italian)
  5. Undelivered Mail Returned to Sender

If your business is reliant on the internet, it’s best to educate all employees about the dangers of phishing. photo credit: Defence Images via photopin cc

How to stop your business from being scammed

The best way to avoid being scammed is to avoid opening emails with these subject lines altogether. If you don’t know the sender personally, it’s not worth placing your business at risk. You can always check your LinkedIn invitation on the website directly when you sign in; your bank is highly unlikely to send you an email; and an undelivered message is not the end of the world – you can always check your outbox or resend important messages if you need to.

If you do click on the email and open it, try not to click on any link or attachment if you’re suspicious about the origins of the email. Once opened, a legitimate “undelivered mail” message will contain a time stamp and the original email you sent – if your original email is not immediately visible, close the email immediately and report it as spam or phishing.
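The checks described above, expressed as a mail-triage routine in Python. This is an added example, not code from the article; the `triage` policy, the function names and the sample addresses are assumptions, and the bounce check goes one step further than the text by requiring the embedded original to come from one of your own addresses.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Subject patterns from the article's top-five list.
SUSPECT = re.compile(r"invitation to connect on linkedin|mail delivery failed"
                     r"|^dear .+ customer|comunicazione importante|undelivered mail", re.I)
BOUNCE = re.compile(r"mail delivery failed|undelivered mail", re.I)

def embedded_sender(msg):
    """From address of the original email carried inside a bounce, or None."""
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822" and part.is_multipart():
            return parseaddr(part.get_payload(0).get("From", ""))[1].lower()
    return None

def triage(raw, our_addresses, known_senders):
    """Hypothetical policy: return 'deliver' or 'quarantine' for one raw message."""
    msg = message_from_string(raw)
    subject = msg.get("Subject", "")
    if not SUSPECT.search(subject):
        return "deliver"
    if BOUNCE.search(subject):
        # The article's test: a real bounce has a time stamp and the email you sent.
        genuine = msg.get("Date") and embedded_sender(msg) in our_addresses
        return "deliver" if genuine else "quarantine"
    sender = parseaddr(msg.get("From", ""))[1].lower()
    return "deliver" if sender in known_senders else "quarantine"

# Constructed sample messages (not real mail); the bounce is trimmed to the part that matters.
REAL_BOUNCE = """\
From: MAILER-DAEMON@mail.example.com
Subject: Undelivered Mail Returned to Sender
Date: Mon, 03 Mar 2014 10:00:00 +0000
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/rfc822

From: alice@smallbiz.example
Subject: Quote

Hello Bob
--b1--
"""
FAKE_BOUNCE = ("From: postmaster@mail.example.net\nSubject: Mail delivery failed: returning "
               "message to sender\nDate: Mon, 03 Mar 2014 10:05:00 +0000\n\nSee attached report.\n")
LINKEDIN = ("From: invites@linkedln.example\nSubject: Invitation to connect on LinkedIn\n\n"
            "Click to accept.\n")
```

Quarantined mail still needs a human decision; a subject match alone does not prove a message is malicious.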

Today’s scammers use social networks to conduct their research, so make sure you have stringent privacy settings for who can see your timeline, pics and information – and don’t befriend people you don’t know. Scammers set up fake accounts that look totally real.

If you visit a website from an email and you are asked to supply your name, address, banking information, password, or any other personal information, it’s likely to be a scam. Install comprehensive security software and make sure you update it regularly.

Social networks: A free trough of information for phishers. photo credit: Gavin Llewellyn via photopin cc

Top 10 countries where phishing URLs originated from (2013)

  1. China
  2. United States
  3. Germany
  4. United Kingdom
  5. Canada
  6. Russia
  7. France
  8. Hong Kong
  9. Netherlands
  10. Brazil

The best way to avoid being scammed is to avoid opening emails from people you're unfamiliar with.

If an email were to read like this, it’s best to ignore it.