Most businesses know that phishing emails are on the increase. Cyber criminals send an email which contains a malicious link or file that allows them to access your network. 83% of organisations reported an attack in the past few years, so it is more a case of “when” rather than “if”.
Hackers are becoming increasingly sophisticated with their methods and impersonating well-known brands as one of the tools in their armoury.
Microsoft has become the most imitated brand for phishing attacks, and whilst it is no fault of the brand, you and your employees need to be on high alert for anything suspicious.
During the second quarter of 2023, phishing attacks disguised as Microsoft accounted for 29% of attempts. Other brands included in the report were Google at 19.5% and Apple at 5.2%. The list also included Amazon, LinkedIn and Facebook.
What does this mean for your business?
Despite an evident surge in fake emails targeting Windows and Microsoft 365 customers, alerting your staff and giving them clear training and support will help protect you from data theft and fraudulent attacks.
The most imitated brands change, but cyber criminals are less likely to change their tactics.
They use legitimate-looking logos, colours, and fonts. Phishing scams frequently use domains or URLs similar to the brand they are impersonating.
Your staff should be aware of what to look for;
- The content of the message doesn’t seem quite right, often asking for an immediate response
- There are typos in the body of the email (although AI is being exploited to resolve this)
- The email address is not quite right ie. [email protected]
One of the latest attacks suggests that there has been an unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from your login and password to payment details.
The answer is more straightforward than you might think. Work with your staff and teach them to slow down, observe, and analyse. Check for discrepancies in URLs, domains, and message text. Be aware that if the email asks you to click on an unusual link or to do something instantly, like make a payment, treat it with caution. Knowledge really is power when it comes to preventing attacks like these.
There have been huge developments in cyber protection systems, but the human layer will always be your last defence and can be your weakest if you don’t give them the necessary training.”
James Tilbury
CEO
james.tilbury@ilux.co.uk
Tel: 01480 501500
Mobile: 07834 850809
For James’ other articles, blogs and insights, click here.
Download The Business owner’s guide to phishing
This free guide will give you insight into the types of attacks to look out for and advice and guidance for you and your staff
ILUX kickstarts 2024 with new jobs, new people and new clients
ILUX, the IT support and consultancy business, has kickstarted the year with key promotions and new staff, and added three local household names to its client portfolio. The company began working with Premier Travel in January as a strategic IT consultant to the business. The travel agency, [Read more]
Unlocking efficiency: How outsourcing your IT can save you money, time and improve patient care
As the demands on hospices continue to grow, so too do the demands on each organisation's operations and infrastructure. The need to improve all aspects of patient care, organisational management, and compliance, makes it essential to streamline operations wherever possible. One strategic move gaining momentum in the [Read more]
Anti-Virus is no longer enough
Over the past 12 months, we have seen a significant increase in the number of cyber attacks on SMEs. Gone are the days when hackers only targeted large businesses. They are increasingly turning their attention to small and medium-sized organisations where there is likely to be less [Read more]
