Bath & Somerset firms are being urged to open emails with caution as The Business Exchange has been made aware of a sophisticated phishing scam that is currently impacting local organisations.
Email recipients are receiving mail into their inboxes from what appears to be a legitimate business contact. The perpetrator is including a genuine signature block and is creating a sense of urgency to open the email as the deletion date is set to a short timescale.
We asked Bath-based cyber security experts Computer Network Defence (CND) for their top tips on how to approach phishing emails and how best to protect your business against them.
- Ensure that your computer is fully up to date; including your applications (especially pdf readers and antivirus software).
- Any undue pressure/urgency to act as well as typos and impersonal/out of character tone can be classic phishing indicators.
- Look but don’t touch! Mouse over hyperlinks to resolve the domain. Does it originate from the company that has sent it? Beware of lexically close or misspelled URLs e.g. tbebaathandsomerset.co.uk
- Never supply sensitive, financial or personal information as companies should never request this via email. Also be very wary of downloading and opening attachments.
- If it doesn’t look or feel right it probably isn’t. Trust your intuition and if in any doubt, contact the sender directly (not by hitting reply though!) Speak in person or pick up the phone to be safe.
There’s also a really good phishing training platform created by Google. It’s based around Gmail so is particularly useful for those using Gsuite in their business: https://phishingquiz.withgoogle.com
To find out more about CND visit: www.cndltd.com