Most businesses know that phishing emails are on the increase. Cyber criminals send an email which contains a malicious link or file that allows them to access your network. 83% of organisations reported an attack in the past few years, so it is more a case of “when” rather than “if”.
Hackers are becoming increasingly sophisticated with their methods and impersonating well-known brands as one of the tools in their armoury.
Microsoft has become the most imitated brand for phishing attacks, and whilst it is no fault of the brand, you and your employees need to be on high alert for anything suspicious.
During the second quarter of 2023, phishing attacks disguised as Microsoft accounted for 29% of attempts. Other brands included in the report were Google at 19.5% and Apple at 5.2%. The list also included Amazon, LinkedIn and Facebook.
What does this mean for your business?
Despite an evident surge in fake emails targeting Windows and Microsoft 365 customers, alerting your staff and giving them clear training and support will help protect you from data theft and fraudulent attacks.
The most imitated brands change, but cyber criminals are less likely to change their tactics.
They use legitimate-looking logos, colours, and fonts. Phishing scams frequently use domains or URLs similar to the brand they are impersonating.
Your staff should be aware of what to look for;
- The content of the message doesn’t seem quite right, often asking for an immediate response
- There are typos in the body of the email (although AI is being exploited to resolve this)
- The email address is not quite right ie. [email protected]
One of the latest attacks suggests that there has been an unusual Microsoft account sign-in activity on your account, directing you to a malicious link. These links are designed to steal everything from your login and password to payment details.
The answer is more straightforward than you might think. Work with your staff and teach them to slow down, observe, and analyse. Check for discrepancies in URLs, domains, and message text. Be aware that if the email asks you to click on an unusual link or to do something instantly, like make a payment, treat it with caution. Knowledge really is power when it comes to preventing attacks like these.
There have been huge developments in cyber protection systems, but the human layer will always be your last defence and can be your weakest if you don’t give them the necessary training.”
James Tilbury
CEO
james.tilbury@ilux.co.uk
Tel: 01480 501500
Mobile: 07834 850809
For James’ other articles, blogs and insights, click here.
Download The Business owner’s guide to phishing
This free guide will give you insight into the types of attacks to look out for and advice and guidance for you and your staff
Cyber extortion – what does it mean for your business?
Cyber extortion – what does it mean for your business? Cyber extortion is growing at an alarming rate and is a significant threat to your business, no matter its size. ALL organisations need to be aware of the risks and how to mitigate them. James Tilbury, CEO [Read more]
Ransomware threats are surging – here’s how to protect your business
Ransomware threats are surging – here’s how to protect your business Imagine turning on your computer one morning and discovering that all your crucial files – from customer data to financial records – are locked. Completely inaccessible. Then, a menacing message demands a ransom to unlock [Read more]
Preparing for the Future: Why Upgrading to Windows 11 is Crucial for Your Business
Preparing for the Future: Why Upgrading to Windows 11 is Crucial for Your Business As a business owner or director, you will, no doubt, be familiar with the constant need to balance operational costs with the need for up-to-date technology. While upgrading hardware might seem like [Read more]
