Dealing With Scam Emails

Uploaded on 2021-12-02 in TECHNOLOGY--Resilience, FREE TO VIEW

Feeling totally safe on the Internet nowadays is a rare luxury, but still people tend to be more trusting and relaxed in some cases. This is especially true for working environment, where employees may feel secured because of all the corporate measures to protect company’s data and finances.

Ironically, having regular cyber security training and knowing about elaborate digital protection technologies may make some employees open to easy and straightforward scamming attempts. 

Remember, that corporate mail is not a 100% safeguard against fraudulent messages. Read this article to learn how to react after receiving a scam mail.

How To Check For Scam Emails

You’re receiving hundreds of emails every day, so what to do to minimize the risks of getting scammed? Implement this basic email processing routine to ensure you’re doing your part of the job. 

Check the sender’s address:   Scammers often copy real electronic addresses you may find authentic at first glance. But second look will ensure you won’t miss extra dot or wrong letter in sender’s address.

Carefully Analyse The Content:   Absent or incorrect signature in the email, weird logo or outdated letterhead – noticing these little mistakes of the scammers may save you from troubles. But even proper corporate formatting is not a green light yet. 

If the request in email seems odd to you, especially concerning any data transferring or financial transactions, restrain from any immediate actions. Call for unusual actions or decisions that go against set procedures or established practice is good enough reason to check this request or consult with superior. 

Verify information by other means:   Trust your instinct and find another way to contact a person who sent you the suspicious email. Call via the phone number you’ve known before (not the one indicated in the email), talk personally, or use another email address. 

These simple steps would be sufficient for absolute majority of your incoming mail. Most scamming attempts are messy, so you’ll identify them with little effort.

Here for more details on most popular scamming schemes online, but beware, some elaborate tricks may get through your safeguards and it is crucial you know how to react.

What To Do With A Scam Email

You have received a suspected scam email from your corporate address and now wondering what you should do next.  Follow this advice to lower the chances of seriously damaging your company’s cyber security.

Never open an email you find suspicious:   Avoid opening any letters looking weird at first glance. Confusing subject line, amended sender’s address, your name misspelled can be an indication. Just do not open it and find a way to double-check its authenticity.

Do not click on any links:   Some letters just look totally safe at first or you opened one automatically before noticing something’s off. Main rule – do not click on any links. You may open doors for malware entering your own and the whole company’s IT system. Watch out specifically for emails providing links to change your password for safety reasons. You should know the corporate regulations for personal identification credentials, which are rarely through email prompts.

Change your password:   You successfully identified the scamming attempt, avoided clicking on any links, so what’s next. It would be wise to change your password to mailbox and corporate computer account through established trustworthy procedure. Log out from previous session on all your devices after changing password. Consider activating two-factor (or multifactor) identification to reinforce your protection.

Make sure you’re not accidentally open to such attacks:   In most cases scamming attempts are rather random than targeted ones. But it’s best to do your best to avoid helping scammers (and spammers) unknowingly. Recall where do you use your email address, except from bilateral communications or business cards. Remove your address from widest public availability – website, social media, printed handouts. Don’t forget to not use your corporate mailing address for online purchases or subscriptions, or any personal purposes.

Inform your company's IT / Security officer:   Do it urgently if you opened the links or suspect malware attacking your computer. Otherwise, it’s just beneficial for dedicated cyber security specialist to know about scamming attempts. This allows to watch out for more letters, check security setup and probably notify the staff reminding of basic digital hygiene rules.

Remember that burden of responsibility to do your best for cyber safety of your company lies with you and your vigilance is part of your professional duties. Most precautions for scamming emails do not require a lot of time or efforts, so they are easy to remember and implement constantly.

Eliza Sadler is a professional journalist currently working for a leading Assignment Writing service. 

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« What Is An API, Anyway?
What Every PHP Developer Needs to Know About Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

International Telecommunication Union (ITU)

International Telecommunication Union (ITU)

ITU is the United Nations specialized agency for information and communication technologies – ICTs. Areas of activity include cybersecurity.

Fidus Information Security

Fidus Information Security

Fidus is a team of security professionals providing Penetration Testing and Cyber Security Consulting services throughout the UK and worldwide.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) - Afghanistan

Information System Security Directorate (ISSD) is the Directorate of MCIT responsible for the security of critical information infrastructures in Afghanistan.

Aporeto

Aporeto

The Aporeto platform protects cloud applications from attack by authenticating and authorizing all communications with a cryptographically signed identity assigned to every workload.

QAlified

QAlified

QAlified offer independent testing and quality assurance services for software projects including security testing.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

KYND

KYND

KYND has created pioneering cyber risk technology that makes assessing, understanding, and managing business cyber risks easier and quicker than ever before.

Verichains

Verichains

Verichains Lab is a pioneer and leading APAC blockchain security firm with extensive expertise in the areas of security, cryptography and core blockchain technology.

Dig Security

Dig Security

Dig Security offers the first data detection and response (DDR) solution, providing real-time visibility, control and protection of your data assets across any cloud.

Check Point Software Technologies

Check Point Software Technologies

Check Point Software Technologies is a leading provider of cyber security solutions to governments and corporate enterprises globally.

Brennan IT

Brennan IT

For over 25 years, Brennan’s expert team has helped businesses achieve real success through innovative and secure technology solutions.

Occentus Network

Occentus Network

Occentus Network is a telecommunications service provider specialized in High Availability Servers & managed Cloud services.

Helix Security Services

Helix Security Services

Helix Security provides IT & information security consultancy to government and businesses across New Zealand.

Linx Security

Linx Security

The Linx Identity Security platform enables identity, security, and IT ops teams to finally control the whole identity lifecycle.