Email fraud, or phishing emails, are difficult to spot, with new tactics, technologies, and tools being utilised to create increasingly sophisticated emails. These are an attempt to trick you into divulging critical information or opening malicious links and attachments. Learning what to look out for is essential for any business, and it\u2019s important that you teach your employees what to look out for too. One of the best ways to prepare yourself and your employees for phishing emails is to know what they might look like.<\/p>\n
<\/p>\n
So what is an example of email fraud? A common example of email fraud is when a cyber criminal pretends to be a vendor that your company buys products and services from. They will often pretend to be sending an urgent invoice in the hopes that you will pay it or open the attachment without checking the details first.<\/strong><\/p>\n <\/p>\n Read on to learn more about examples of email fraud, how to spot a phishing email, and what happens when you open one.<\/p>\n <\/p>\n <\/p>\n <\/p>\n <\/p>\n A common example of a phishing email that can be sent to target businesses is the invoice scam<\/a>. Cyber criminals will pretend to be emailing from a vendor that your company regularly deals with and purchases products and services from. They will pretend to be contacting you regarding an unpaid invoice, bounced payment, or failed direct debit. The aim of these phishing emails is usually to get you to send that invoice payment to an updated bank account. These attempts can be very effective if a company doesn\u2019t have the correct policies in place, because the recipient can often send the money without thinking about it.\u00a0<\/p>\n <\/p>\n Another example that we often receive ourselves, is when cyber criminals will send an email pretending to be from a manager<\/a>, team leader, or owner of a company. This is often accompanied by urgent requests to provide your personal information, such as asking for your phone number because they\u2019re going into a meeting and need to contact you. Luckily, we\u2019ve only ever received examples of this that are extremely easy to spot, with terrible grammar and spelling, email addresses and domain names that aren\u2019t related to the person they\u2019re imitating, and strange wording that would never normally be used. That being said, if a cyber criminal decided to personally target you or your business and wrote these emails in a convincing way, you can easily see how effective it could be.<\/p>\n <\/p>\n <\/p>\n Because many phishing emails<\/a> are un-targeted, meaning that they randomly send them to as many email addresses as possible, they can often be easy to spot. But how do you spot it when a criminal has specifically targeted your business?\u00a0<\/p>\n <\/p>\n It\u2019s important to conduct regular cyber security awareness training<\/a> to ensure that your entire team acts as the first line of defence. It only takes one employee to make a mistake, and you could be vulnerable to an attack. To help, we\u2019ve explained the 3 main signs that a suspicious email could be a phishing attempt.<\/p>\n <\/p>\n <\/p>\n It\u2019s important to think about the content of any suspicious emails<\/a> as this can often be the first sign that it\u2019s a threat. Suspicious content can include an unfamiliar tone that the impersonated person wouldn\u2019t normally use, time-sensitive requests that push for urgency or threaten negative outcomes if you don\u2019t act fast, or unusual requests that wouldn\u2019t normally be necessary. Unusual requests can include things like asking for your phone number when you already have other channels of communication at work, or asking you to send your password.<\/p>\n <\/p>\n As a rule of thumb, it\u2019s always important to double check any requests for payment or information, as well as when someone sends links without mentioning anything first. Whether that\u2019s checking your bank account to see if the payment they\u2019re talking about has actually bounced, checking with your team that someone has actually ordered that product or service, and checking through your regular communication channels to confirm that they are who they say they are.<\/p>\n <\/p>\n <\/p>\n Because the hackers don\u2019t actually have access to email accounts from whoever they\u2019re impersonating, an easy way to check if a suspicious email is phishing is to check if the email address and domain names match up. You can also look through your previous communications with that person or company and see if the email matches up, or at least matches the same domain name.<\/p>\n <\/p>\n If the email includes links, you can check if they are directed to the content they say they are by hovering your mouse over them without clicking. This will show the URL that the link will take you to in the bottom left corner of the screen. If this doesn\u2019t match the content they describe in the email, don\u2019t click it. For example, you could receive an email from \u2018Amazon Support\u2019, but the link isn\u2019t taking you to Amazon – this is a clear indication that something is wrong, because Amazon Support would never send you to a website that isn\u2019t theirs.<\/p>\n <\/p>\n <\/p>\n While this may not apply all the time, and the emails you need to worry about the most are the ones that are more convincing in this aspect, spelling and grammar is an easy way to spot phishing emails. Businesses that you deal with on a regular basis and employees of your own company are professionals, and will have good spelling and grammar skills the vast majority of the time. If you suddenly receive an email from one of them with bad grammar and spelling mistakes, this should be an immediate red flag.<\/p>\n <\/p>\n <\/p>\n Simply opening an email won\u2019t compromise your personal data or allow hackers to access your email account. While hacks like these were a reality in the past, email clients now contain security measures<\/a> that block emails from opening or running any code. With this being said, hackers can still gather some information about you just from you opening an email. This includes your location, the operating system that you use, and your IP address, which can be used in more targeted cyber attacks further down the line.<\/p>\n <\/p>\n The main threat of a phishing email comes from links, requests for money or personal information<\/a>, and attachments. If you notice a suspicious email, do not open anything or reply without first checking the 3 points discussed above, or confirming the identity of the sender.<\/p>\n <\/p>\n While it\u2019s an extremely in-depth topic that takes security engineers years to master, the simple explanation is that hackers would need to know your password to gain access to your emails. This can be gained through a variety of tactics such as brute force techniques like guessing common passwords or faking websites so that you\u2019ll unwittingly enter your password.<\/p>\n <\/p>\n Are you unsure of whether your business is susceptible to a cyber attack? At NEBRC, we conduct in-depth business vulnerability assessments<\/a> that identify your weaknesses and provide effective remediations.<\/p>\n <\/p>\n <\/p>\n At NEBRC, we\u2019re a police-led not-for-profit organisation that\u2019s dedicated to your cyber security. We work closely with you to keep your data safe and reduce your risk of cyber attack.<\/p>\n <\/p>\n Visit our website <\/a>to find out about our Business Vulnerability Assessments<\/a>. Or check out our Security Awareness Training<\/a> to make your employees the first line of defence against a cyber attack. Or sign up to our free core membership <\/a>to keep up to date with the latest cyber security matters and keep your business safe online.<\/p>\n <\/p>","protected":false},"excerpt":{"rendered":" Email fraud, or phishing emails, are difficult to spot, with new tactics, technologies, and tools being utilised to create increasingly sophisticated emails. These are an…<\/p>\n","protected":false},"author":1,"featured_media":5808,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[13],"tags":[],"class_list":["post-5807","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"acf":[],"_links":{"self":[{"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/posts\/5807","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/comments?post=5807"}],"version-history":[{"count":0,"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/posts\/5807\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/media?parent=5807"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/categories?post=5807"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crcnetwork-cfkr6.projectbeta.co.uk\/northeastcrc\/wp-json\/wp\/v2\/tags?post=5807"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Page Jumps:<\/h3>\n
\n
<\/ul>\n<\/li>\n<\/ul>\n
\n
What Is an Example of Email Fraud?<\/h2>\n
What Are 3 Signs That a Suspicious Email May Be a Phishing Email?<\/h2>\n
Content<\/h3>\n
Inconsistencies<\/h3>\n
Spelling and Grammar<\/h3>\n
Can Your Email Get Hacked by Opening an Email?<\/h2>\n
Strengthen Your Cyber Resilience With the North East Business Resilience Centre<\/h2>\n