Phishing may sound harmless, more like an outdoor activity to enjoy on a summer's day. However, the phishing discussed here is an email threat that certainly does not give the same enjoyment as the popular hobby.
What is email phishing?
Phishing is a form of internet scam that is usually delivered by email. It targets individuals and businesses alike in an attempt to obtain banking details, personal data or company data. An attacker will often impersonate an organisation you trust, such as your bank, your business partners or a large organisation like HMRC or Royal Mail (as in recent COVID-19 themed campaigns), in a bid to get your attention and have you carry out the instructions in the email.
Many businesses receive multiple phishing emails every week, and unfortunately some people lose vital company information to competitors and large sums of money to scammers by wrongly assuming that these emails come from legitimate sources. And why wouldn’t you think they are legitimate, without knowing the key features of a phishing email?
Examples of phishing emails
As technology becomes a more important part of how we work, phishing emails get better at fooling people and constantly change their approach as people become more educated about existing attacks. Here are some of the most common phishing emails at the moment, and some ways to spot future variants:
Example 1 - HMRC identified phishing email.
Example 1 shows a phishing email that has been flagged by HMRC. As you can see, it looks quite legitimate: it uses the same email format and colour scheme that HMRC often use in their emails and website updates, as well as the ‘GOV.UK’ logo in the top left.
Sadly, attackers often use current world events to take advantage of vulnerable people, such as business owners and those losing their jobs or companies during COVID-19. The above email poses as a tax refund to help ‘protect yourself against COVID-19’, with a link to ‘Access your funds now’.
The email also includes a link to the legitimate NHS website with information about COVID-19, to make the reader believe this really is HMRC so that they will click the ‘Access your funds now’ link to get the tax refund they now believe is genuine. That link opens a fake web page that asks you to enter your banking information to receive your refund. The refund will not happen, and your information will be used for other purposes. I’ll leave you to figure out why they really want your bank details…
Example 2 - PayPal
As PayPal plays a more important role in day-to-day life for sending and receiving payments, given how little cash now changes hands, attackers have quickly caught on to the fact that PayPal is an ideal company to impersonate in order to extract money from businesses and individuals.
This phishing email impersonating PayPal again looks legitimate thanks to the colour scheme and the logo in the top left. It is a simple phishing email that has more than likely been effective because of the large blue button at the bottom. Many people will open it, see that it appears to be from PayPal, see that their account is ‘limited’ and immediately click the button to resolve the issue without checking the finer details. The button directs you to a page that looks exactly like PayPal, and when you log in your details are passed to the attacker in plain text. The attacker can then lock you out of your account by changing the password and have fun with your cards.
How to spot a fake email vs a legit email
The two examples provided are fairly common, but they are examples of well-crafted phishing emails. A lot of the time the email’s English is really poor, and that is the first giveaway that the email is not legitimate.
Checking the sender of the email is usually the best way to spot these phishing attempts. In the HMRC example the email comes from ‘firstname.lastname@example.org’, and in the PayPal example it comes from ‘email@example.com’. The important part to look at is the bit after the ‘@’. If the email is legitimate, the ‘domain name’ will be the organisation’s own, for example @gov.uk or @paypal.com. Be aware that, although the examples provided were big giveaways, sometimes a lookalike such as @paypa.com (or similar) is used, with letters missing or swapped to make it harder to spot.
For emails with links, hover over the link and its real destination will be revealed; often these are odd links that really stand out. If the link does not contain the original domain name (eg paypal.com) at the beginning, it is most likely fake. Do not click on it.
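The two checks above (the domain after the ‘@’ in the sender address, and the domain of each link) can be automated. The script below is an added example written for this post, not code from the original article or from HMRC or PayPal. It assumes you know which domain the genuine organisation uses (the EXPECTED_DOMAINS table is constructed), and the sample sender addresses and links are constructed for the demonstration. One caveat worth noting: it compares the end of the hostname rather than the beginning, because a lookalike host can start with the genuine name and still belong to someone else, and a letter-dropped name like ‘paypa.com’ must also fail. It only catches lookalike domains; a From header can be forged outright, so a matching sender domain is never proof on its own.

```python
"""Sender-domain and link-domain checks for suspicious emails.

Added example for this post; the helper names, the expected-domain
table and every sample input below are assumptions/constructed.
"""
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed table: the domain each genuine sender is expected to use.
EXPECTED_DOMAINS = {"hmrc": "gov.uk", "paypal": "paypal.com"}


def sender_domain(from_header: str) -> str:
    """Return the part after '@' in a From: header, lower-cased.

    parseaddr strips a display name such as 'PayPal <x@example.com>',
    so a friendly name cannot hide the real address.
    """
    _, address = parseaddr(from_header)
    if "@" not in address:
        return ""
    return address.rsplit("@", 1)[1].lower().rstrip(".")


def host_matches(host: str, expected: str) -> bool:
    """True only if host is the expected domain or a subdomain of it.

    'www.paypal.com' passes; 'paypal.com.example' (genuine name at the
    start, different owner) and 'paypa.com' (letter missing) both fail.
    """
    host = host.lower().rstrip(".")
    expected = expected.lower()
    return host == expected or host.endswith("." + expected)


def link_host(url: str) -> str:
    """Extract the hostname from a link as shown when hovering over it."""
    if "//" not in url:          # bare 'paypal.com/login' style links
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower()


def check_email(from_header: str, links: list[str], expected: str) -> dict:
    """Apply both checks; any flag means treat the email as suspect."""
    dom = sender_domain(from_header)
    findings = {
        "sender_domain": dom,
        "sender_ok": bool(dom) and host_matches(dom, expected),
        "bad_links": [u for u in links if not host_matches(link_host(u), expected)],
    }
    findings["suspicious"] = not findings["sender_ok"] or bool(findings["bad_links"])
    return findings


if __name__ == "__main__":
    # Constructed sample resembling the PayPal example in the post.
    result = check_email(
        "PayPal <email@example.com>",
        ["https://paypal.com.example/login", "https://www.paypal.com/help"],
        EXPECTED_DOMAINS["paypal"],
    )
    print(result)
```

The sender address and every link are reduced to a hostname and compared against one expected domain; a hostname passes only when it is that domain or ends with a dot followed by it, which is why the constructed ‘paypal.com.example’ link is listed under bad_links while ‘www.paypal.com’ is not.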
What to do if I have fallen for one of these scams?
You may think it is best to delete the email and forget all about it. Unfortunately, if you have clicked on a link and submitted details to one of these fraudulent sites, it is too late to simply ignore it.
The first things you should do:
Contact your bank to place a block on your card if you have submitted bank information.
Change any passwords that you have submitted, for the account in question and other accounts that share the same password.
Contact the company that the attacker was pretending to be - they may ask you for a copy of the email for investigation.
The methods I have mentioned for spotting a phishing email are more difficult to apply on a mobile phone. If you are in doubt, open the email on a PC/laptop for a closer look.
If a phishing email contains an attachment of any sort, DO NOT open it. If you already have, contact an IT professional for the next steps.