“Our bank details have not changed.” is surely one of the least pleasant things to have to put in your email signature.
Chances are, if you’ve seen this, the email sender’s email domain has been impersonated and used in a phishing attack.
Phishing is extremely commonplace these days and is used by attackers to steal information such as passwords and other credentials, and other sensitive information.
According to Sendmarc, below are several common phishing scams, which can include things such as:
- Asking you to click on a link and download a malicious file onto your computer.
- Sending you an email notifying you of an outstanding invoice – and then a link where you can click to pay it. Clicking on this link takes you to an illegitimate site where scammers can gather your personal information and access your bank accounts.
- The email sender telling you that one of your accounts has been compromised, and then asking you to log in and reset your password, fill in your information and resubmit it.
- Pretending to be one of your vendors and asking you to confirm your credit information before they can release or deliver an order.
There are 2 approaches, which work best in parallel, to prevent email phishing attacks.
- Implement a technical solution such as DMARC to assure email authenticity
- Train your employees to recognize phishing emails and handle them appropriately
We work with our partners Sendmarc to help our customers prevent their email domains from being impersonated, nd used in phishing attacks.
You should really know whether or not your domain is at risk of impersonation – fill in the form below and we’ll run the analysis for you and reply with the information.