Email scams used to be relatively easy to spot. They often had words like ‘Winner!’ splashed across the subject line, along with colourful, flashing emoticons. Anyone who was taught about cybercrime and not to click on suspicious links would be able to see that such emails were scams. Nowadays, though, scammers are highly intelligent, tech-savvy and willing to put in time to deceive you. A growing threat, particularly for SMEs, is spear phishing.
Spear Phishing: How to Spot Scams and Avoid Them
What is spear phishing?
The aim is to make you click on malicious websites or attachments, so that you share sensitive data or download malware. Scammers no longer just batch-send hundreds of emails in the hope that one will work; they precisely target their victims (in some cases, scammers have spent years building up trust with companies). Facebook, Google and the White House have all been victims, but data shows that SMEs are at greatest risk. As such, it is crucial that small businesses protect themselves by fully educating their staff about the threat of spear phishing.
How your team can avoid being scammed?
Spotting spear phishing scams is not always easy, but here are some tips you can share with your team on how to do so.
Always double-check emails asking for money
If you receive an email asking for an invoice to be paid, always check this thoroughly before sending any money – even if you recognise the sender (spear phishing emails nowadays often look authentic).
Check for spelling mistakes and poor grammar
Scammers often use email addresses that are very similar to those of colleagues or clients, with just a subtle difference in the email address. As well as always checking the email address, look out for any uncharacteristic errors in spelling or grammar within the email itself.
Is it odd that the sender is contacting you?
If you have been contacted out of the blue, been offered a deal that seems too good to be true, or been given contact details that are very vague, it is possible that the email is a scam.
Be aware of your social media presence
Scammers often ‘stalk’ their victims on social media so that they can gain data to deceive them with (e.g. name, job, friends, employment background, interests and contact details). Think about tweaking your online accounts so that any information that could be used against you is kept safe.