Imagine this: Early July morning. The holidays are around the corner. You open your email as usual, just in time for your morning coffee, to scroll through the new arrivals. One catches your eye. It’s from your anti-virus software: “Your subscription has expired!” Your usual direct debit payment hasn’t gone through and you’re suddenly completely unprotected. Now it’s urgent! You need to update your payment details now!
Recognize the feeling?
What is phishing?
Then you’ve probably been the victim of a phishing attempt at some point. Phishing is simply an attempt to trick you into giving away sensitive information. It usually happens via email, but there are also smishing (text messages) and vishing (voice phishing). What they have in common is that the attempts are disguised as a lure to catch your attention and get you to click.
Recognize phishing when you see it
Phishing attempts can take many forms. It can look something like it did in the fictive scenario above. It can also look like this, or like it did when we and our customers experienced it this spring. Although it may seem obvious at times, it’s not always easy to distinguish a scam email from a real one. You need to be constantly vigilant.
Here are some good things to keep in mind, to be prepared when the warning bells ring.
Go through the ‘checklist’ step by step
Starting with something like a checklist can be helpful to avoid taking the bait. Tick off some of the key steps in identifying a fraud attempt and how to think when it happens, such as these:
- However urgent it may seem to be: take it easy. Study the sender carefully, read the email and don’t click anywhere. It’s part of the scam to make you act impulsively.
- The email address listed as the sender on a scam email often contains a completely different domain from the company’s usual one.
- What looks right at first glance may, on closer inspection, contain a minor discrepancy; a different letter, or a capital I (i) instead of a small l (L). Again, try to be careful and thorough!
If you do accidentally access a link, you can reduce the risk and get a security check on every click with Click Protection.
Avoid fake invoices – list approved suppliers
It’s not uncommon for fraudsters to pose as a supplier to a company and try to scam you out of information. This can be challenging: sometimes employees have different amounts of information. What is standard procedure to one may not be known to all. An example could be when someone stands in for a colleague and jumps in to help in an area they’re unfamiliar with.
A good way to prepare and ensure that everyone has the same information is to produce a list of approved suppliers, with approved contact persons and exact e-mail addresses. Then everyone has something to refer to when something happens, in case anyone is still unsure. Just don’t forget to keep the list updated. Svensk Handel gives a bunch of concrete tips on the topic that may be worth looking through.
Always back up your data
If, despite your measures, you should be exposed to a fraud, it’s good to have everything in another, safe place. This could be because some virus variants delete all your data, or you may want to delete everything yourself if you suspect someone has access to information they shouldn’t have.
With a backup, you can take the necessary steps without worrying about losing information forever. It’s also a natural step in being prepared for possible attacks when you least expect it.
If you have web hosting or Managed Server with us, our backup service, CloudBackup, is included. This means that your data that you have with us is automatically backed up daily.
Avoiding phishing can be tricky. Many factors come into play to protect yourself in the best possible way and there are several things to consider in addition to our three tips. Is the tone in the e-mail very urgent? Does it sound too good to be true? (Spoiler: it probably is.)
For more useful tips and to learn more about what to do if you accidentally click on a link, check out our comprehensive guide on phishing in our guide library.
