It appears that contractors are becoming common victims from phishing emails. Phishing emails can be one of the most dangerous forms of cyber-crime. These emails appear to be from legitimate sources (like HMRC or an Umbrella Company) and request sensitive information from the recipient. This information is often requested either within the body of the email, or through a link that may take you to a mimicked version of the company’s website.
The expression ’phishing’ is a twist on ‘fishing’, as the criminals are hanging a fake ’bait’ (the email and/or website that looks genuine) hoping users will ’bite’ by providing sensitive information the criminals have requested. This could be anything from credit card numbers to usernames and passwords.
We’ve got some tips to make sure you’re not caught out by these phishing emails:
1. Look at who sent the emails
You will need to pay close attention to the address which the email is from, not just the name.
No organisation will contact you from a general email address like ‘@gmail.com’ not even Google. With the exception of independent workers, every organisation has its own email domain and company accounts. For example, emails from Google would read ‘@google.com’ and emails from us will always be from ‘@exceedoutsourcing.co.uk’
Pay attention to the spelling of the domain as well. Criminals can catch people out through slightly different spellings of domain names. For example, if you received an email from ‘@exceedoulsourcing.co.uk’ you may not notice that it is incorrect.
2. Look out for poorly written emails
Scam emailing often include unusual phrases and grammatical errors.
When creating phishing messages, scammers will often use a spellchecker or translation programme. This will give them all of the correct words but not necessarily in the correct context.
3. Look for suspicious links or attachments
Phishing emails come in many different forms. If the message itself is not requesting information, there may be infected attachments or links to follow.
It is advised that you never open an attachment unless you are 100% confident that the email has been sent from a legitimate party. Even then, you should look out for anything suspicious within the attachment.
Make sure you check the destination address of any links before you click them. If you’re viewing the email in a browser, you can hover your mouse over any buttons and the destination will appear on the bottom bar of the window. On mobile devices you can hold down on links and a pop-up will appear showing the destination address.
Prevention is most important when it comes to phishing emails, so we urge you to take note of these tips to avoid falling victim to these criminals. If you’re ever in doubt, ring the organisation who are allegedly contacting you and they will be able to confirm whether emails are legitimate.