In April 2020, Google reported blocking over 18 million coronavirus scam emails daily. When you take regular email scams into consideration, this adds up to over 100 million phishing emails per day.
Today, we’re much further into the pandemic, which definitely means email scams are even more on the rise. Cybercriminals are certainly taking advantage of the pandemic, especially since people are working from home, or outside of the office.
In fact, Mimecast found a 145% increase in cyberattacks from October to December 2019 alone. And Barracuda Networks reported a 667% increase in malicious phishing attacks during the pandemic. There are over 3.9 billion active email users in the world, so needless to say, hackers have a large pool of potential victims.
Do you know how to identify and handle email scams that want to infiltrate your business? Read on to find out how to better safeguard your data.
Types of email scams
There are several ways cybercriminals will try to breach your network through email. Here are the most common forms of email scams you’ll come across:
Phishing is a type of social engineering where fraudsters trick their victims into handing over their credentials. They do this by pretending to be people or companies you trust.
For instance, you might receive an email from what appears to be your bank. They claim that your account’s been compromised, so you need to change your password. This seems legitimate so you click on the link to reset your password and create a new one.
However, the link actually leads to a fake website the cybercriminal’s created. So, when you enter your existing credentials, they receive this information and use it against you.
Spam emails are one of the oldest tricks in the book. These mostly consist of “get rich quick” schemes, hoax charity pleas, or chain emails.
The good news is, today’s technology has enabled most email providers to filter these spam emails out. However, the odd spam email may make it through, so be sure to stay vigilant.
This type of email scam is when the fraudster masquerades as a C-level executive or another person of authority. Because employees trust these names, they’re more willing to fulfil requests made by these emails.
In most cases, these scammers ask their victims to make payments to a third-party bank account. This is done through fake invoices.
This is a more complicated type of email scam. Here, cybercriminals essentially hijack or forge an existing and legitimate email address. This sometimes allows scam emails to bypass the spam email filter.
What to look for in scam emails
Unfortunately, spam and scam emails do make it into email inboxes successfully. Thankfully, there are ways to recognise these so you don’t fall victim to them.
Here are a few things to look out for:
Different email addresses and names
With spam emails, it’ll be very obvious that the email addresses and sender names are not quite correct, making them easy to spot.
However, with more sophisticated phishing attempts, you’ll have to look closer. For instance, the scammer may have substituted a lowercase L with a capital I. This is a red flag, as it indicates the sender is trying to imitate someone else.
Poor spelling and grammar
Scam emails are carefully crafted to target the most vulnerable people. So cybercriminals will purposely misspell words and have poor grammar in spam emails. Or this might be the case if the scammer is not a native English speaker.
Well-known companies have reputations to uphold, so you won’t ever see glaring mistakes in their emails.
Strange authentication details
Spoofed emails will have the wrong authentication details. To check this, click on the header and look at the “mailed-by,” “signed-by,” and “encryption” details. These should all have a name that’s identical to the sender name.
Scammers will also take care to fake signatures. This might include attaching images that appear legitimate.
How to prevent email scams from happening
Now you know how to recognise email scams. Here are some other ways to prevent email scams from being successful.
The most important way you can prevent email scams from happening is with employee education. A chief security officer (CSO) can come up with a training strategy and plan to best tackle your cybersecurity.
For instance, a CSO can educate your employees about good digital and online practices. This can include strong password practises and avoiding opening emails when they don’t know the sender.
Not only can they teach your employees about all the latest email scams, but they can also perform random tests.
Alternatively, using a product like KnowBe4 can help employees spot a fake email. KnowBe4 simulates phishing attacks by sending your staff emails that appear to be genuine. If they follow the link or download the attachment they receive a notification warning them, they are also directed to further training videos. Not only does this help train staff it also provides reports for you so that you can see improvements over time. Check out our Blog Post on KnowBe4 here.
Robust antivirus and firewall
Should anything get past your employees, you need a safety net. Having a robust antivirus program and firewall can help catch anything that might infiltrate your network.
Make sure your antivirus software is installed on all devices and that it’s always updated promptly.
Use Microsoft 365
One of the best cloud suites to use for work is Microsoft 365. It helps keep users safe by detecting and blocking suspected spam in Outlook.
In addition, there’s a new feature coming out soon called Tenant. This is a portal where employers can run training and simulate phishing attempts to see how well their employees can identify potential threats. Considering how users are your first line of defence when it comes to cybersecurity, this can be key in prevent malicious emails from being successful.
Know how to identify an email scam and protect your business
Don’t delay in putting this information into action. Cybercriminals are always looking for ways to take advantage of your network vulnerabilities, so every minute that goes by is another chance for them to penetrate your defences.