Dealing With Scam Emails

Uploaded on 2021-12-02 in TECHNOLOGY--Resilience, FREE TO VIEW

Feeling totally safe on the Internet nowadays is a rare luxury, but still people tend to be more trusting and relaxed in some cases. This is especially true for working environment, where employees may feel secured because of all the corporate measures to protect company’s data and finances.

Ironically, having regular cyber security training and knowing about elaborate digital protection technologies may make some employees open to easy and straightforward scamming attempts. 

Remember, that corporate mail is not a 100% safeguard against fraudulent messages. Read this article to learn how to react after receiving a scam mail.

How To Check For Scam Emails

You’re receiving hundreds of emails every day, so what to do to minimize the risks of getting scammed? Implement this basic email processing routine to ensure you’re doing your part of the job. 

Check the sender’s address:   Scammers often copy real electronic addresses you may find authentic at first glance. But second look will ensure you won’t miss extra dot or wrong letter in sender’s address.

Carefully Analyse The Content:   Absent or incorrect signature in the email, weird logo or outdated letterhead – noticing these little mistakes of the scammers may save you from troubles. But even proper corporate formatting is not a green light yet. 

If the request in email seems odd to you, especially concerning any data transferring or financial transactions, restrain from any immediate actions. Call for unusual actions or decisions that go against set procedures or established practice is good enough reason to check this request or consult with superior. 

Verify information by other means:   Trust your instinct and find another way to contact a person who sent you the suspicious email. Call via the phone number you’ve known before (not the one indicated in the email), talk personally, or use another email address. 

These simple steps would be sufficient for absolute majority of your incoming mail. Most scamming attempts are messy, so you’ll identify them with little effort.

Here for more details on most popular scamming schemes online, but beware, some elaborate tricks may get through your safeguards and it is crucial you know how to react.

What To Do With A Scam Email

You have received a suspected scam email from your corporate address and now wondering what you should do next.  Follow this advice to lower the chances of seriously damaging your company’s cyber security.

Never open an email you find suspicious:   Avoid opening any letters looking weird at first glance. Confusing subject line, amended sender’s address, your name misspelled can be an indication. Just do not open it and find a way to double-check its authenticity.

Do not click on any links:   Some letters just look totally safe at first or you opened one automatically before noticing something’s off. Main rule – do not click on any links. You may open doors for malware entering your own and the whole company’s IT system. Watch out specifically for emails providing links to change your password for safety reasons. You should know the corporate regulations for personal identification credentials, which are rarely through email prompts.

Change your password:   You successfully identified the scamming attempt, avoided clicking on any links, so what’s next. It would be wise to change your password to mailbox and corporate computer account through established trustworthy procedure. Log out from previous session on all your devices after changing password. Consider activating two-factor (or multifactor) identification to reinforce your protection.

Make sure you’re not accidentally open to such attacks:   In most cases scamming attempts are rather random than targeted ones. But it’s best to do your best to avoid helping scammers (and spammers) unknowingly. Recall where do you use your email address, except from bilateral communications or business cards. Remove your address from widest public availability – website, social media, printed handouts. Don’t forget to not use your corporate mailing address for online purchases or subscriptions, or any personal purposes.

Inform your company's IT / Security officer:   Do it urgently if you opened the links or suspect malware attacking your computer. Otherwise, it’s just beneficial for dedicated cyber security specialist to know about scamming attempts. This allows to watch out for more letters, check security setup and probably notify the staff reminding of basic digital hygiene rules.

Remember that burden of responsibility to do your best for cyber safety of your company lies with you and your vigilance is part of your professional duties. Most precautions for scamming emails do not require a lot of time or efforts, so they are easy to remember and implement constantly.

Eliza Sadler is a professional journalist currently working for a leading Assignment Writing service. 

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« What Is An API, Anyway?
What Every PHP Developer Needs to Know About Cyber Security »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Protection Group International (PGI)

Protection Group International (PGI)

PGI helps organisations and governments to manage digital risk. From cyber security services to business intelligence, we help reduce the risks to your finances, reputation, assets and people.

ECOS Technology

ECOS Technology

ECOS Technology specializes in the development and sale of IT solutions for high-security remote access as well as the management of certificates and smart cards.

Wüpper Management Consulting (WMC)

Wüpper Management Consulting (WMC)

Specialized in compliance, risk management and holistic information security WMC GmbH has longtime implementation experience in global projects.

Fiserv

Fiserv

Fiserv offers a wide array of Risk & Compliance solutions to help you prevent losses from fraud and ensure adherence to regulatory and compliance mandates.

Secure-IC

Secure-IC

Secure-IC provide end-to-end, best-of-breed security expertise, solutions, and hardware & software technologies, for embedded systems and connected objects.

Syber Technology

Syber Technology

Syber Technology is an IT project implementer empowering IT systems of Small to Medium Enterprises in the Middle East.

KrCERT/CC

KrCERT/CC

KrCERT/CC is the National Computer Emergency Response Team in Korea.

Technology Innovation & Startup Centre (TISC)

Technology Innovation & Startup Centre (TISC)

TISC is a startup incubator at the Indian Institute of Technology Jodhpur (IITJ) and we back deep-tech startups.

In-Q-Tel (IQT)

In-Q-Tel (IQT)

IQT is the non-profit strategic investor that accelerates the development and delivery of cutting-edge technologies to U.S. government agencies that keep our nation safe.

Cynalytica

Cynalytica

Cynalytica deliver pioneering cybersecurity and machine analytics technologies that help protect critical infrastructure, securely enable Industry 4.0 and help accelerate digital transformation.

DataSolutions

DataSolutions

DataSolutions is a leading value-added distributor of transformational IT solutions in the UK and Ireland.

Nuts Technologies

Nuts Technologies

Nuts Technologies are simplifying data privacy and encryption with our innovative and novel data containers we call nuts based on our Zero Trust Data framework.

HADESS

HADESS

We are "Hadess", a group of cyber security experts and white hat hackers.

Secur-Serv

Secur-Serv

Secur-Serv is a security-first managed services provider. We provides Managed IT, Managed Print, Managed Device, and Cybersecurity services to companies of every size.

Unosecur

Unosecur

Unosecur is a comprehensive identity security platform that addresses identity-related threats in multi-cloud and on-premise environments.