Share on facebook
Share on twitter
Share on linkedin
Share on pocket
identify email scams

Emails scams are a common and increasing challenge for Australian business, with email being the second most popular delivery method for scammers.

The most common form of email scams is phishing scams, which is an attempt by scammers to trick you into giving out your personal or business information such as your bank account numbers, passwords and credit card numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.

How To Identify Phishing Emails

Australians have lost nearly $1million to email phishing scams to-date in 2020, so it’s critical that you protect your business. Scammers are constantly updating their tactics, but there are some signs that will help you recognise a phishing email:

1. The Email Looks Genuine

Phishing emails may appear to come from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.

Scam emails can look like legitimate communication

2. The Email Tells A Story

Phishing emails often tell a story to trick you into clicking on a link or opening an attachment. For instance, the email may:

  • Say you must confirm business or personal information
  • Ask you to click on a link to make a payment
  • Claim that your eligible for a government refund or grant
  • Include a fake invoice attachment
  • Say they’ve noticed suspicious login attempts or activity
  • Claim that there is a problem with a business account or payment information

How To Protect Your Business From Phishing Emails

Your email spam filters may keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so it’s a good idea to add extra layers of protection. There are steps you can take today to protect your business from phishing attacks.

1. Use Security Software

Protect business computers, laptops, mobile phones and tablets by ensuring you use the latest security software, update this software automatically, and implement any security patches to deal with new threats

2. Secure Passwords and multi-factor authentication

Secure passwords are a key tool in protecting your business against cyber crime. Many accounts and applications now offer multi-factor authentication, meaning two or more credentials are required to log into an account. There are two categories of multi-factor authentication:

  • Something you have – such as a passcode or password you receive via text message or authentication app
  • Something you are – such as a retina, face or fingerprint scan

This makes it harder for scammers to access your accounts, even if they get your username and password.

3. Back up your data

It’s critical to protect your data with frequent backups, and ensure these backups aren’t connected to your network. Use external or cloud-based storage so even if a phishing attack occurs in your business, you have access to a reliable data backup.

4. Educate your staff

Most businesses blame cyber threats on outsiders but sometimes the threat actually originates from within when employees’ lack of awareness and/or negligence open the door. Educate your staff about the risk of cyber security threats, and how to identify potential threats such as phishing emails.

5. Stay up-to-date with the latest scams

Subscribe to regular scam alerts such produced by reputable IT companies such as Surety IT.

What To Do If you Suspect a Phishing Email

If your business receives an email that asks you to click on a link or attachment, ask the following questions:

business email compromise scam
An example of a business email scam
1. Does the email look suspicious?

Use our above How To Identify A Phishing Email information as a guide

2. Do I have an account with the company or know the person contacting our business?

If the answer is no, this may well be a scam email.

3. Does the email look legitimate? Is this the way the contact normally communicates with us? Is the grammar correct? Does the email address match the genuine company email address?

Even if the email is from a known sender, if you are still suspicious, contact the company via phone or their website rather than click on email links. Confirm the email is genuine before you click on any links to avoid installing harmful malware.

What To Do If You Responded to a Phishing Email

If you believe a scammer may have obtained your information, take the following steps:

1. Update Your Software

If you think you clicked on a link or opened an attachment that downloaded harmful software, update your security software and run a scan, or contact your IT provider for expert assistance.

2. Report the Scam

If you got a phishing email or text message, report it to Scam Watch. Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It provides information to consumers and small businesses about how to recognise, avoid and report scams. The information you give can help fight the scammers.

3. Try to Limit the Damage

Unfortunately, if you’ve lost money to a scam or given out your personal details to a scammer, you’re unlikely to get your money back unless you have cyber crime insurance. However, Scam Watch provides information about the steps you can take straight away to limit the scam damage and protect yourself from further loss.

To protect your business from cyber crime, contact an expert IT company who can provide advice and assist with your cyber strategy and management.

Further Reading:

How To Reduce the Risk of Cyber Attack in Business

How To Implement Secure Video Conferencing in your Business

COVID-19 and Cyber Security Business Contingency Planning

About the author:

Geoff Stewart

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.

Scroll to Top