Dealing With Scam Emails

Uploaded on 2021-12-02 in TECHNOLOGY--Resilience, FREE TO VIEW

Feeling totally safe on the Internet nowadays is a rare luxury, but still people tend to be more trusting and relaxed in some cases. This is especially true for working environment, where employees may feel secured because of all the corporate measures to protect company’s data and finances.

Ironically, having regular cyber security training and knowing about elaborate digital protection technologies may make some employees open to easy and straightforward scamming attempts. 

Remember, that corporate mail is not a 100% safeguard against fraudulent messages. Read this article to learn how to react after receiving a scam mail.

How To Check For Scam Emails

You’re receiving hundreds of emails every day, so what to do to minimize the risks of getting scammed? Implement this basic email processing routine to ensure you’re doing your part of the job. 

Check the sender’s address:   Scammers often copy real electronic addresses you may find authentic at first glance. But second look will ensure you won’t miss extra dot or wrong letter in sender’s address.

Carefully Analyse The Content:   Absent or incorrect signature in the email, weird logo or outdated letterhead – noticing these little mistakes of the scammers may save you from troubles. But even proper corporate formatting is not a green light yet. 

If the request in email seems odd to you, especially concerning any data transferring or financial transactions, restrain from any immediate actions. Call for unusual actions or decisions that go against set procedures or established practice is good enough reason to check this request or consult with superior. 

Verify information by other means:   Trust your instinct and find another way to contact a person who sent you the suspicious email. Call via the phone number you’ve known before (not the one indicated in the email), talk personally, or use another email address. 

These simple steps would be sufficient for absolute majority of your incoming mail. Most scamming attempts are messy, so you’ll identify them with little effort.

Here for more details on most popular scamming schemes online, but beware, some elaborate tricks may get through your safeguards and it is crucial you know how to react.

What To Do With A Scam Email

You have received a suspected scam email from your corporate address and now wondering what you should do next.  Follow this advice to lower the chances of seriously damaging your company’s cyber security.

Never open an email you find suspicious:   Avoid opening any letters looking weird at first glance. Confusing subject line, amended sender’s address, your name misspelled can be an indication. Just do not open it and find a way to double-check its authenticity.

Do not click on any links:   Some letters just look totally safe at first or you opened one automatically before noticing something’s off. Main rule – do not click on any links. You may open doors for malware entering your own and the whole company’s IT system. Watch out specifically for emails providing links to change your password for safety reasons. You should know the corporate regulations for personal identification credentials, which are rarely through email prompts.

Change your password:   You successfully identified the scamming attempt, avoided clicking on any links, so what’s next. It would be wise to change your password to mailbox and corporate computer account through established trustworthy procedure. Log out from previous session on all your devices after changing password. Consider activating two-factor (or multifactor) identification to reinforce your protection.

Make sure you’re not accidentally open to such attacks:   In most cases scamming attempts are rather random than targeted ones. But it’s best to do your best to avoid helping scammers (and spammers) unknowingly. Recall where do you use your email address, except from bilateral communications or business cards. Remove your address from widest public availability – website, social media, printed handouts. Don’t forget to not use your corporate mailing address for online purchases or subscriptions, or any personal purposes.

Inform your company's IT / Security officer:   Do it urgently if you opened the links or suspect malware attacking your computer. Otherwise, it’s just beneficial for dedicated cyber security specialist to know about scamming attempts. This allows to watch out for more letters, check security setup and probably notify the staff reminding of basic digital hygiene rules.

Remember that burden of responsibility to do your best for cyber safety of your company lies with you and your vigilance is part of your professional duties. Most precautions for scamming emails do not require a lot of time or efforts, so they are easy to remember and implement constantly.

Eliza Sadler is a professional journalist currently working for a leading Assignment Writing service. 

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« What Is An API, Anyway?
What Every PHP Developer Needs to Know About Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

International Association of Professional Security Consultants (IAPSC)

International Association of Professional Security Consultants (IAPSC)

Members of the IAPSC represent a unique group of respected, ethical and competent security consultants.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

Potomac Institute for Policy Studies

Potomac Institute for Policy Studies

Potomac Institute undertakes research on key science, technology, and national security issues facing society, Study areas include cybersecurity.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Dionach

Dionach

Dionach are a certified information security specialists who provide Penetration Testing, IT Security Auditing and Information Security Consultancy.

Prove & Run

Prove & Run

Prove & Run provides a patented software development toolchain that is specifically forged to deal with the complex security properties of sensitive software components.

Inavate Consulting

Inavate Consulting

Inavate Consulting are experts in defining and implementing information assurance solutions and governance frameworks. Our ISO27001 consultants are the most experienced in the industry.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Zitec

Zitec

One of Europe's largest and most prominent full-cycle software development services companies, Zitec is the digital transformation partner to companies in the EU, UK, USA, Canada and ME.

Collabera Digital

Collabera Digital

Collabera Digital engineer the next generation of solutions that power tech-forward organizations and create an impact on people and communities.

ZainTech

ZainTech

Zaintech is a regional digital & ICT solutions provider offering comprehensive digital solutions and services to enterprise and government customers in the MENA region.

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.

InfoSight

InfoSight

InfoSight offers proven Cyber Security, Regulatory Compliance, Risk Management and Infrastructure Solutions to protect your business and your customers from cyber crime and fraud.