Business Email Fraud
Email is one of the most common ways that fraudsters target potential victims and email is vital to business on a daily basis. Email is part of everyday life and people to not think twice nowadays about receiving an email and that is the reason fraudsters use this method.
Emails from fraudsters are designed to appear as if they have been sent by banks, credit card companies, government departments, and other reputable organisations. These type of phishing emails can be sent two ways both of which are supplied by your ISP:
- Internet mail e.g. gmail, yahoo or Hotmail
- Dedicated mail programs e.g. Outlook
The email will attempt to deceive you and get you to perform an action often without you realising. Examples include:
- Clicking on a link to visit a fake but authentic-looking website which either requests confidential information or is infected with malware.
- Opening an attachment disguised as a legitimate file such as a document or .exe file, but which actually contains malware. When it doesn’t open you won’t think twice about it.
There are some signs that you can look out for to prevent staff opening / acting on phishing emails:
- The introduction maybe generic such as “Dear customer.”
- The sender’s email address may be different from the trusted organisation’s website address, check it carefully. A small difference such as an extra letter or .com instead of .ie
- The email may sent from a completely different address or a free webmail address.
- The body of the email may contain misspelt words and poor grammar.
- A sense of urgency; for example the threat that unless you act immediately your account may be closed or a refund will be lost. You will be asked to verify, activate or update account details.
- If the link to the website is very prominent on the screen. Also note the website address is more than likely fake and may be very similar to the proper address, but even a single character’s difference means a different website.
- A request for personal information such as username, password or bank details. Remember to never to give out such information.
- Be suspicious of emails that you weren’t expecting to get from the organisation that appears to have sent it, out of the blue, out of course, unusual form of communication.
- Some phishing emails actually warn you of a virus and invite you to click on a link or open an attachment to protect yourself.
- If in doubt, contact the person or organisation the email claims to have been sent by.
- Do not readily click on links in emails from unknown sources. Instead, roll your mouse pointer over the link to reveal its true destination, displayed in the bottom left corner of your screen. Beware if this is different from what is displayed in the text of the link from the email.
- If you are suspicious of an email, you can check if it is on a list of known spam and scam emails that some internet security software vendors feature on their websites.
- Most Microsoft and other email clients come with spam filtering as standard. Ensure yours is switched on.
- Most spam and junk filters can be set to allow email to be received from trusted sources, and blocked from untrusted sources.
- Most internet security packages include spam blocking. Ensure that yours is up to date and has this feature switched on.
Spam (junk) email
Most mail sent on a daily basis is unsolicited spam. Unfortunately although used for advertising in some cases many of them are designed to defraud so take extra care when receiving spam
Examples of spam emails include:
- Fake charity mails
- Advertising, for example online pharmacies, cosmetics, dating, and online specials.
- Get cash quickly schemes and work from home opportunities.
- Hoax virus warnings.
- Chain emails which encourage you to forward them to multiple contacts (often to bring ‘good luck’).