Email attacks remain one of the most significant security threats organisations face today. Recently it was announced that Microsoft Exchange has fallen victim to an attack with tens of thousands of organisations potentially compromised. The attack used previously unknown flaws in the email software, gaining access to organisations’ email accounts through vulnerabilities in its Exchange Server email software. As a result, Microsoft has issued security patches that should be applied as soon as possible. So, with cyber-attacks becoming increasingly sophisticated, it’s important to be extra vigilant and remind your employees how to protect your information.
In a spoofed email, a cybercriminal will sometimes masquerade as a legitimate source by changing the identity of the sender to reflect a person or organisation familiar to the victim.
Spoofing presents two distinct threats for organisations:
The first step to protecting your business from a phishing scam is knowing how to spot it in the first place...
It’s good practice to always hover over any links in emails before immediately clicking to check the destination. Does the destination URL match the destination site you would expect? Will it download a file? Does it look like something that the company would generally use? If you’re at all unsure, seek advice from your IT team
One of the easiest ways to spot a malicious email is to check the email address matches the name of the sender and ensure that the domain of the company or person is correct.
Things to look out for are extra numbers, letters or characters that look out of place within the email. For example:
Legitimate email domain: @lima.co.uk
Malicious email domain: @lima-s23.co.uk
These can sometimes be difficult to spot so it’s always best to note down the email address before taking any action to double-check.
Poor spelling and grammar can be an easy spot for a spoof email, but it’s certainly not always a given. Does it look like the spelling has been translated to your language? Most companies have thorough proofing processes when sending emails and so the chance of a legitimate email having several spelling and grammar mistakes is unlikely.
Another indicator to proceed with caution is if the email asks you to submit personal information that you wouldn’t usually be required to submit. Always be vigilant until you can verify that the person requesting this information is who they say they are.
Organisations need an IT partner they can rely on if the worst was to happen. LIMA can help to review your current security practices and ensure that your IT infrastructure meets the security and flexibility requirements you need to give you peace of mind. Click here to speak to one of our dedicated account managers.Back to News & Events
For the past 20 years, we’ve been solving business challenges by designing and delivering intelligent IT solutions with a passion for technical excellence and customer satisfaction.
If you have a question you'd like to ask, we’d love to answer it.
Fill in the contact form below and we’ll get back to you as soon as possible.