How To Identify Email Scams

Emails scams are a common and increasing challenge for Australian business, with email being the second most popular delivery method for scammers.

The most common form of email scams is phishing scams, which is an attempt by scammers to trick you into giving out your personal or business information such as your bank account numbers, passwords and credit card numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.

How To Identify Phishing Emails

Australians have lost nearly $1million to email phishing scams to-date in 2020, so it’s critical that you protect your business. Scammers are constantly updating their tactics, but there are some signs that will help you recognise a phishing email:

1. The Email Looks Genuine

Phishing emails may appear to come from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.

Scam emails can look like legitimate communication

2. The Email Tells A Story

Phishing emails often tell a story to trick you into clicking on a link or opening an attachment. For instance, the email may:

  • Say you must confirm business or personal information
  • Ask you to click on a link to make a payment
  • Claim that your eligible for a government refund or grant
  • Include a fake invoice attachment
  • Say they’ve noticed suspicious login attempts or activity
  • Claim that there is a problem with a business account or payment information

How To Protect Your Business From Phishing Emails

Your email spam filters may keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so it’s a good idea to add extra layers of protection. There are steps you can take today to protect your business from phishing attacks.

1. Use Security Software

Protect business computers, laptops, mobile phones and tablets by ensuring you use the latest security software, update this software automatically, and implement any security patches to deal with new threats

2. Secure Passwords and multi-factor authentication

Secure passwords are a key tool in protecting your business against cyber crime. Many accounts and applications now offer multi-factor authentication, meaning two or more credentials are required to log into an account. There are two categories of multi-factor authentication:

  • Something you have – such as a passcode or password you receive via text message or authentication app
  • Something you are – such as a retina, face or fingerprint scan

This makes it harder for scammers to access your accounts, even if they get your username and password.

3. Back up your data

It’s critical to protect your data with frequent backups, and ensure these backups aren’t connected to your network. Use external or cloud-based storage so even if a phishing attack occurs in your business, you have access to a reliable data backup.

4. Educate your staff

Most businesses blame cyber threats on outsiders but sometimes the threat actually originates from within when employees’ lack of awareness and/or negligence open the door. Educate your staff about the risk of cyber security threats, and how to identify potential threats such as phishing emails.

5. Stay up-to-date with the latest scams

Subscribe to regular scam alerts such produced by reputable IT companies such as Surety IT.

What To Do If you Suspect a Phishing Email

If your business receives an email that asks you to click on a link or attachment, ask the following questions:

business email compromise scam
An example of a business email scam
1. Does the email look suspicious?

Use our above How To Identify A Phishing Email information as a guide

2. Do I have an account with the company or know the person contacting our business?

If the answer is no, this may well be a scam email.

3. Does the email look legitimate? Is this the way the contact normally communicates with us? Is the grammar correct? Does the email address match the genuine company email address?

Even if the email is from a known sender, if you are still suspicious, contact the company via phone or their website rather than click on email links. Confirm the email is genuine before you click on any links to avoid installing harmful malware.

What To Do If You Responded to a Phishing Email

If you believe a scammer may have obtained your information, take the following steps:

1. Update Your Software

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your security software and run a scan, or contact your IT provider for expert assistance.

2. Report the Scam

If you got a phishing email or text message, report it to Scam Watch. Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It provides information to consumers and small businesses about how to recognise, avoid and report scams. The information you give can help fight the scammers.

3. Try to Limit the Damage

Unfortunately, if you’ve lost money to a scam or given out your personal details to a scammer, you’re unlikely to get your money back unless you have cyber crime insurance. However, Scam Watch provides information about the steps you can take straight away to limit the scam damage and protect yourself from further loss.

To protect your business from cyber crime, contact an expert IT company who can provide advice and assist with your cyber strategy and management.

Further Reading:

How To Reduce the Risk of Cyber Attack in Business

How To Implement Secure Video Conferencing in your Business

COVID-19 and Cyber Security Business Contingency Planning

Contact Us

This field is for validation purposes and should be left unchanged.

Find out how we can help with your IT challenges.

About the author:

Picture of Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing. His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow. After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need. His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder. His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top