Watch out for the latest email scams!
We seem to be having a bad time with scammers at the moment. We tend to find these things recur in cycles.
Last week at THP we encountered two scam situations involving emails.
In the first case, an email was sent using a spoofed email address of our CEO to a member of the finance team telling them to pay money to a third party urgently, giving them specific bank details to send the money to.
Turns out the email was not from our CEO at all.
The second scam scenario was reported to us by one of our clients. When they clicked on a link in an email they had received, a rule was surreptitiously installed in their email system so that whenever they emailed anyone (such as a customer or supplier) with a bank account number and sort code in the email it copied the email to the hacker
The online world is an amazing place, but it does present us with some challenges. You probably think you know how to stay safe online. But the fraudsters are using increasingly intelligent ways to get our money and personal details every day.
Phishing is when fraudsters send emails at random, claiming to be your bank or someone you know. They want to trick you into giving them your personal information and or bank details, via a bogus website. According to Trend Micro, these sorts of emails are regularly targeted to employees and in 2017 cost businesses $9bn globally.
There are some basic steps we can all follow though to minimise the risk. Don’t fall hook, line and sinker.
Do I know you?
- Don’t open suspicious or unknown emails, texts or pop up messages. For example, consider if an email has an unusually worded subject or different font sizes used within the body of the email.
- If you’re unsure where the email came from or you think it might be a scam you can double check. Hover the cursor over the sender’s name or right-click on the name and you should see the email address behind it.
Does it look the part?
- A phishing email may show a real lack of consistency with several different font styles, font sizes and a mismatch of logos.
- Scam emails may also contain information such as account numbers and IDs. It’s designed to trick you into thinking the email is genuine. How many of us know our account numbers off by heart? Always check any of these against your own records to see if they match.
- You can see where a weblink goes to without actually clicking on it by hovering your cursor over the link. In the bottom left-hand corner of your web browser, the web address that the link goes to will appear.
It’s now or never
- Fraudsters will try to pressure you with time-sensitive offers, encouraging you to act now or miss out on ‘exclusive’ deals. If a deal seems to good to be true it probably is. You can always log onto the retailer’s website in a new tab to see if the offer is genuine. It’s better to miss out on a great deal than risk compromising your personal details or money.
- No genuine online company will contact you to ask for your log-in details, such as your password or user id. You should only need to use this information when you are logging into a service such as online banking.
- If you have opened a scam email then don’t reply, don’t click on any links in the email or open any attachments.
- If the email claims to be from a certain company or brand, you can check their customer services pages. Often, big companies are aware of scams circulating and have published advice for customers.
- Make sure your antivirus software is always up to date. It gives you an extra layer of protection if you unknowingly download a computer virus.
Keeping our clients details secure
Here at THP we would never ask our clients to provide personal details or account information in generic emails. All correspondence should be from a recognised THP contact.
If you get an email from us and you’re not sure then feel free to give us a call. We’ll be more than happy to confirm if we’ve been trying to reach you.