In today’s digital age, cybercrime is very much a concern both to individuals and corporations. One form of cybercrime that I have been seeing a lot of lately are phishing attempts. Indeed, around 83% of organisations were subjected to a phishing attack last year. Phishing is where scam emails, messages or calls are used by cybercriminals to trick their victims, often which the aim of having that individual click a malicious link.
Phishing is a method used by fraudsters to obtain sensitive personal information, and can have many adverse consequences including:
- Identity theft;
- The installation of malware on a device; and even
- A full-scale hacking of systems.
Cyber criminals are clever and innovative, and phishing attempts are becoming more and more sophisticated. Nowadays companies often have systems in place to identify and prevent cybercriminals from infiltrating their systems. As an individual, you can prevent phishing attacks by simply being able to identify a malicious email. Here are some red flags to consider when you receive an email that you think could potentially be a phishing attempt:
For example, the CEO of company you work for is called John Smith and his email address is [email protected]. You receive an email from John Smith who asks that you “urgently” assist him with an important task which requires you to download a bundle of documents from a shared link, which he provides to you in the email. This is strange, as John never contacts you directly. You also notice that John’s email address does not appear to be correct – it is listed as [email protected].
While subtle, this would be a clear example of a phishing attempt. Therefore, you should delete the email and report it to your company’s IT department as soon as possible.
Much like the example above, phishing messages often contain a sense of urgency. Many scams require individuals to “act now”. This is usually present when one receives an email from an address purporting to be PayPal or Netflix, requesting that a user urgently updates their account details or else they will: a) be charged; or b) have their account closed. The email would usually also contain a link for the individual to follow.
As with John Smith, phishing attempts often appear to come from people of authority, whether that be the CEO of the company you work for, your boss, or even a government official. Exercise caution when receiving communications from such individuals.
Another common method used by fraudsters is to contact individuals via text message, which includes a malicious link. For example, you may receive an email from “Evri” stating that your parcel is being held at a depot and you need to pay £1.50 to have it delivered. The text message contains a link that will take you to the payment page requiring you to input your card details. However, whilst the sender is marked “Evri”, you notice that is has come from a mobile number, starting with “07”.
This is example is most certainly a phishing attempt, particularly in regard to the request for payment. It would be extremely unusual for a company (such as Evri, or RBS) to send a standard message from a mobile number, as well as to request payment of such a small sum.
The overall takeaway is to be aware that phishing scams exist and are very much prevalent. Always glance a second eye over communications you receive and trust your gut instinct. Even if the communication is in fact legitimate, as the old saying goes, it is much better to be safe than sorry.
Vardags Limited is a limited company trading as Vardags, Company No 7199468, registered in England and Wales, having its registered office at 10 Old Bailey, London EC4M 7NG. Vardags is authorised and regulated by the Solicitors Regulation Authority (SRA Number 535955). Its VAT number is 99 001 7230.
Vardags uses the term ‘Partner’ as a professional title only, to describe a Senior Solicitor, Employee or Consultant with relevant experience, expertise and qualifications (whether legally qualified or otherwise) to merit the title. Our Partners are not partners in the legal sense. They are not liable for the debts, liabilities or obligations of Vardags Limited. Similarly, the term ’Director’ is a professional title only, to describe a non-legally qualified employee or consultant of Vardags with relevant experience, expertise and qualifications to merit the title. It does not necessarily imply that the relevant individual is a director of Vardags Limited.
A list of the directors of Vardags Limited and a list of the names of those using the title of ’Director’ and ’Partner’ together with their official status is available for inspection at Vardags’ registered office.