
Choice Blog

Gone phishing: How to spot an email scam

There are numerous phishing scams currently doing the rounds, which you may have seen or read about.

What is Phishing?

Phishing is an email that tries to obtain secure and sensitive information, which includes passwords, usernames and credit card details.

One of the main phishing scams is the CEO fraud scam email, which most employees should be aware of.

What is the CEO fraud scam email?

You will receive an email at work from a scammer who insists he is your boss or another senior executive.

The scammer will state that they urgently need to transfer money to a specific bank account to pay for a service or product. If you assume this email is genuine, you may go along with this and send money to the scammer's bank account. After all, it is from your boss, right?

The scammers are very clever and often use malware to gain access to company networks. By doing this they have access to all emails regarding invoices, billing and so on, which makes the email request seem more genuine.

It has been estimated that over £32 million has been lost by business owners as a result of this scam, so as you can see the scam is vast. Only around £1 million has been recovered by victims of the scam. Do not become a victim.

How to avoid this

Always check with the person who you think sent the email, no matter how senior they are or if they are in a meeting all day. Somehow get a message to them. If they are not around, speak to a more senior member of staff. Under no circumstances reply by email, as the email could be hacked and the reply you get back could be from the scammer. Instead, call the person or send them a text.

Never make the payment no matter how urgent it seems.

Make sure that every employee in the organisation is aware of this scam and that everyone needs to be diligent about replying to emails of this nature regarding money transfers.

Any requests for monies by email should be supported by documentation from the sender. Make sure you have a valid process in place with checks throughout the potential transfer.

Should a member of staff receive the CEO scam email, make sure you already have a backup plan. This can include having two or three key contacts who can check whether the email is genuine or not. Why not always include a safe word in your emails? That way you will know it is from a legitimate source.

Make sure your finance team always reviews financial statements and invoices for any errors, which can include incorrect spelling, a different bank account quoted, more frequent invoices etc.

Check your website. Is there too much information about your CEO or other execs? Decide what information you think can be made public and what should be hidden. Why not consider removing all email addresses and having one general email address? Then someone in the organisation can review the emails when they come in and pass them on to the relevant person.

Never trust the email header: the header can be faked very simply.

Ensure that your computer systems are secure and that anti-virus software is updated on a regular basis. Even with these in place, emails from spammers can still get through, so always be alert.

Please do not feel stupid if you fell for this scam. Sadly, many business-savvy people have been conned. Just always be aware: if an email looks strange, take your time to consider the implications, not just for yourself but for the company as a whole.

About Gerardine

My name is Gerri, although I was born Gerardine – and I am yet to find anyone with that name! Women of a certain age are often invisible and I am here to prove that is not the case. My blog posts cover all women-related topics including dating in your fifties onwards, the menopause, employment (or not), fashion, health and beauty, to name but a few… I aim to be upbeat and topical and hope you enjoy!

http://overthehillandundertheradar.com/