The festive period represents a busy time for any industry, not least cyber criminals who take advantage of people’s goodwill by sending fake e-greeting cards and seasonal offers, all with the hope of the recipient opening it and clicking on a malicious link. For the most part, organisations and staff are increasingly aware of these tactics and know to avoid them, but often the trickier challenge comes when that email is from a recognised person, such as their own boss.
At this time of year particularly, this might come in the form of an email supposedly from your senior leadership team advising staff about using a new holiday calendar to keep track of people’s leave during this busy period. Alternatively, an email exploiting the Christmas party, by asking staff to click on a link to pick food options for a team meal. These examples are completely opportunistic and likely to have no bearing on the organisation itself, but all it takes is one member of staff to click on a link to cause a whole host of problems for a business.
Considering this, intY advises that there are several giveaways that staff should look out for to determine the validity of an email and to avoid being phished.
Firstly, look at the email address. Cyber criminals will use a familiar email address containing the slightest of variations; possibly a missing letter or adding an additional one. If that is the case, there is a strong chance this is fraudulent.