• Handpicked Harrogate

Beware of the phish

Don't be reeled in by the criminals.

Phishing emails are on the increase with attacks becoming increasingly realistic. These tips will help to ensure that you don't accidentally take the bait and stay safe on the net, rather than getting caught up in one.

Always be suspicious of emails that you are not expecting which ask you to download a document, activate a link, enter any login credentials or that make urgent demands for payment, even if it comes from somebody you know.

Many of these criminals use high-pressure tactics to persuade people to take action without checking all the details; a reputable company will NEVER notify you via email regarding changes to bank details.

If you ever receive an email asking you to change bank details, contact the organisation direct, using a trusted number that you are certain belongs to the organisation. Do not simply reply to the email asking for confirmation as it is likely the criminal has control of that mailbox and will reply to say everything is OK.

Be suspicious of emails that contain grammatical errors or language that does not quite “feel” right, particularly if:

  • you are not expecting anything from the alleged sender

  • They are asking you to do something out of the ordinary.

  • The email is not phrased the way you would expect

  • The email address from which it has been sent doesn't look quite right.

If you receive an email unexpectedly asking you to make a payment, always telephone the contact that you typically deal with on the number you normally use. If you are unsure which telephone number to use, contact the enquiry line, advice line or general information number for the company from whom the email purports to originate.

Always use complex passwords and two-factor authentication on your own personal and corporate email accounts.

These types of scams are becoming more prevalent, and we must remain vigilant together.

Common organisations which the scammers use include, but are not limited to:

  • Banks, building societies and the Post Office

  • HMRC

  • Amazon and other large online organisations

  • Internet Service Provider

  • Health organisations

Not sure how to tell whether your mailbox has been attacked? Here are some symptoms which suggest that your mailbox has been compromised.

Suspicious activity, such as missing or deleted emails.

Other users have received an email allegedly from your account but the sent email does not appear in your Sent Items folder.

InBox rules which you did not set up materialise in your mailbox. For example, a rule to automatically forward emails to an address that you are not familiar with, or a rule which automatically moves messages to Notes, Junk Mail or a subscriptions folder.

Your mailbox is suddenly unable to send any mail out to people.

In your Sent or Deleted items folder you might notice strange messages such as "I am stuck in Bristol. Please send me some money."

If you check your profile, is it correct and as you set it up? Sometimes the criminal will alter the profile, changing the phone number.

Does your account have mail forwarding set up on it even though you did not set this up?

If you use an automatic signature, is this still correct, or has it been altered? Sometimes the automatic signature will have been altered.

Even after you've regained access to your account, the attacker may have added back-door entries that enable the attacker to resume control of the account so it is extremely important that if you suspect you have been attacked, you get an expert in to ensure all the back doors and loopholes the criminal has left open in your system in readiness for their return to the scene of the crime, have been firmly and permanently closed.

These types of scams are becoming more prevalent, and we must remain vigilant together.

Martin Mann IT is experienced in dealing with phishing and other cyber-attacks and will be able to help you to minimise the damage and re-secure your machine.

If you notice anything suspicious:

Stop using your email account immediately.

Get in touch with an IT and cybersecurity expert like Martin Mann (01423 788978) by telephone, text or messenger app.