Fake emails are a common method used by cybercriminals. They pretend to be originating from a credible party with the intention of enticing you to reveal information that may be used in an attack directed at you or your company.
Another typical method is to use a similar-looking domain to pretend the email is sent by a party you trust. Hackers may acquire similar-looking domains to mask their phishing attempts, and the emails can be highly sophisticated and professional giving you the impression that it´s genuine.
By applying this method attackers can configure the domain to pass undetected through common protection measures implemented by IT departments to filter out malicious and harmful emails.
To ensure that you are not falling victim of such attacks, you should carefully check the sender address in the email and verify that it’s coming from a valid domain.
Unusual requests, suspicious links and misspellings are some of the things to look out for
Please take some time to check the actual sender address in the email.
If the email contains hyperlinks, you should make sure the link directs you to the destination it claims. To do so, you can move the mouse pointer above the text or image that is hyperlinked, to see the destination URL it links to.
Check the domain, check the links and be careful about giving out personal information.
At Admincontrol we have recently been looking at these issues in depth and have produced a handbook for boards on how to manage the impact of hybrid working on cybersecurity.
Download eBook: