Dealing With Scam Emails

Uploaded on 2021-12-02 in TECHNOLOGY--Resilience, FREE TO VIEW

Feeling totally safe on the Internet nowadays is a rare luxury, but still people tend to be more trusting and relaxed in some cases. This is especially true for working environment, where employees may feel secured because of all the corporate measures to protect company’s data and finances.

Ironically, having regular cyber security training and knowing about elaborate digital protection technologies may make some employees open to easy and straightforward scamming attempts. 

Remember, that corporate mail is not a 100% safeguard against fraudulent messages. Read this article to learn how to react after receiving a scam mail.

How To Check For Scam Emails

You’re receiving hundreds of emails every day, so what to do to minimize the risks of getting scammed? Implement this basic email processing routine to ensure you’re doing your part of the job. 

Check the sender’s address:   Scammers often copy real electronic addresses you may find authentic at first glance. But second look will ensure you won’t miss extra dot or wrong letter in sender’s address.

Carefully Analyse The Content:   Absent or incorrect signature in the email, weird logo or outdated letterhead – noticing these little mistakes of the scammers may save you from troubles. But even proper corporate formatting is not a green light yet. 

If the request in email seems odd to you, especially concerning any data transferring or financial transactions, restrain from any immediate actions. Call for unusual actions or decisions that go against set procedures or established practice is good enough reason to check this request or consult with superior. 

Verify information by other means:   Trust your instinct and find another way to contact a person who sent you the suspicious email. Call via the phone number you’ve known before (not the one indicated in the email), talk personally, or use another email address. 

These simple steps would be sufficient for absolute majority of your incoming mail. Most scamming attempts are messy, so you’ll identify them with little effort.

Here for more details on most popular scamming schemes online, but beware, some elaborate tricks may get through your safeguards and it is crucial you know how to react.

What To Do With A Scam Email

You have received a suspected scam email from your corporate address and now wondering what you should do next.  Follow this advice to lower the chances of seriously damaging your company’s cyber security.

Never open an email you find suspicious:   Avoid opening any letters looking weird at first glance. Confusing subject line, amended sender’s address, your name misspelled can be an indication. Just do not open it and find a way to double-check its authenticity.

Do not click on any links:   Some letters just look totally safe at first or you opened one automatically before noticing something’s off. Main rule – do not click on any links. You may open doors for malware entering your own and the whole company’s IT system. Watch out specifically for emails providing links to change your password for safety reasons. You should know the corporate regulations for personal identification credentials, which are rarely through email prompts.

Change your password:   You successfully identified the scamming attempt, avoided clicking on any links, so what’s next. It would be wise to change your password to mailbox and corporate computer account through established trustworthy procedure. Log out from previous session on all your devices after changing password. Consider activating two-factor (or multifactor) identification to reinforce your protection.

Make sure you’re not accidentally open to such attacks:   In most cases scamming attempts are rather random than targeted ones. But it’s best to do your best to avoid helping scammers (and spammers) unknowingly. Recall where do you use your email address, except from bilateral communications or business cards. Remove your address from widest public availability – website, social media, printed handouts. Don’t forget to not use your corporate mailing address for online purchases or subscriptions, or any personal purposes.

Inform your company's IT / Security officer:   Do it urgently if you opened the links or suspect malware attacking your computer. Otherwise, it’s just beneficial for dedicated cyber security specialist to know about scamming attempts. This allows to watch out for more letters, check security setup and probably notify the staff reminding of basic digital hygiene rules.

Remember that burden of responsibility to do your best for cyber safety of your company lies with you and your vigilance is part of your professional duties. Most precautions for scamming emails do not require a lot of time or efforts, so they are easy to remember and implement constantly.

Eliza Sadler is a professional journalist currently working for a leading Assignment Writing service. 

You Might Also Read: 

Secure Your Personal Email & Social Media Accounts:

 

« What Is An API, Anyway?
What Every PHP Developer Needs to Know About Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Packet Storm

Packet Storm

Packet Storm is an online resource for security tools, whitepapers, exploits, and advisories on computer security issues.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Block Armour

Block Armour

Block Armour is a Mumbai and Singapore based venture focused on harnessing emerging technologies to counter growing Cybersecurity challenges in bold new ways.

ZeroNorth

ZeroNorth

ZeroNorth provides a new approach to improve software and infrastructure security, simplify continuous compliance reporting and to create more cost-effective risk management programs.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

SensorHound

SensorHound

SensorHound’s mission is to improve the security and reliability of the Internet of Things (IoT).

HackHunter

HackHunter

HackHunter’s passive sensor network continuously monitors, detects and alerts when a malicious WiFi network and/or hacking behaviour is identified.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

NuID

NuID

NuID is a pioneer in trustless authentication and decentralized digital identity.

Defensity

Defensity

Defensity offer bespoke & pre packaged IT Security Solutions for Small business to help companies reduce overall IT related risk.

Stratum Security

Stratum Security

Stratum Security is an information security consulting company that focuses on providing clear and concise risk guidance to its clients through high quality assessment services.

Cyphra

Cyphra

Cyphra’s team provide cyber security consulting, technical and managed services expertise and experience to support your organisation.

Protek International

Protek International

Protek International delivers world-class Digital Forensics, eDiscovery, Cyber Security, and related Advisory services.

ECHO Project

ECHO Project

The main objective of ECHO is to strengthen the cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector collaboration.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.