STAY ALERT: How to avoid phishing scams

19-06-22 Microsoft Phishing scam attempt

Since yesterday a phishing scam disguised as the Microsoft sign in page has been found. Attached is a fake file called "payslip.htm".

Once opened, the phishing site attempts to get the users details. If the user logs in, a script hosted at "swiss-fis.com" is run and the user then sees a fake invoice for $60,000.

It's important to protect yourself and your business from phishing attacks. Once an attacker has your credentials, they can move quickly to disable your access, and it can be difficult to regain access to your accounts.

How to protect your business

The best way to protect your business from phishing attacks, is to make sure yourself and staff have 2 factor authentication enabled for all accounts.

That means if the attacker does receive someones password, they still need their phone, email access or authentication app before they can access the user account.

Arm your staff with the basics

Email scams are a part of everyday business life, but if you educate your staff on some of the signs of suspicious emails, you can avoid most email scams.

There are 3 very basic things to look for when identifying suspicious emails.

Who it's from

If you're regularly emailing someone at "example.com", and you receive an email from "example-2352.com" - this is most likely a sign that the email should not be trusted.

Strange web addresses

If you open an attachment from a trusted source that takes you to a site requiring login details - check the web address.

An example is; if you're asked for your Microsoft password, but the web address says "thisisntmicrosoft.com" - there's a good chance it's a scam.

Irregular attachments

If you receive an attachment that isn't from a trusted source, you should never open it. However - phishing attempts can happen, when a company's email server is hacked and the attackers pose as real users.

In most of these cases, it's best to forward the attachment to your IT department so they can inspect the file.

Keep your passwords secure

I wrote an article on keeping your passwords secure, which I highly recommend if you want to store your passwords safely.

Backup your data

I can't stress enough how important and valuable your data is. Keep it secure and back it up. Things break, problems happen - but how good is that feeling when something does happen, and you're prepared.

Final words

While you cannot always avoid phishing attempts, by using multiple steps for authentication and backing up your data, you help reduce the risks associated with an attack.