August Insights: Phishing and BEC Explained

Greetings, LinkedIn Community!

With the average employee receiving 74 business emails a day, the risk of falling victim to phishing scams or Business Email Compromise (BEC) attacks is significant. Cyber security threats can seem intricate, but protecting yourself doesn’t have to be.

This month’s newsletter cuts through the complexity. We’ll provide actionable steps to identify and avoid these deceptive tactics, empowering you to simplify your approach to robust email security.

Clicks that Cost: Exposing Social Engineering

We’ve all been there. That irresistible ad promising a dream vacation, the “urgent” email from your “boss,“ or the mysterious attachment with the intriguing filename. These are all tactics of social engineering, where tricksters play on our curiosity, fear, or trust to steal information or get us to do something we shouldn’t.

Here are some cunning social engineering tricks to watch out for:

How to Protect Against Phishing Attacks

We’ve talked about how sneaky phishers can be, but don’t worry, there are ways to keep your guard up! Here are some simple steps you can take to stay safe:

? Learn More Phishing Defence Strategies

Don't Fall for the Fake "Boss": BEC Scams

Ever received an email from your “boss” requesting a “favour”? Business Email Compromise (BEC) scams can be deceiving. Cybercriminals cleverly impersonate trusted figures within your company, exploiting urgency and trust to manipulate you into actions that compromise your organisation’s security.

But don’t worry, we’ve got a weapon in our arsenal: the SLAM Analysis Method: Sender - Links - Attachments - Message. This simple yet effective tool can help you identify and prevent BEC attacks.

Sender: Scrutinise the email address. Typos, extra periods, or similar domains are red flags.

Links: Hover, don't click! See if the actual website address appears before clicking suspicious links.

Attachments: Beware unexpected attachments, even from known senders.

Message:?Unusual tone, urgency, or financial requests? Trust your gut - if it feels off, it probably is.

Take Action: Avoid BEC Scams

Here's what to do if you receive a suspicious email that might be a BEC scam:

• Contact your boss directly (through a phone call, not another email). Verify the request directly with your superior to confirm its legitimacy
• Don't reply to the email.?Responding can confirm your email address as a valid target for future scams
• Report the email to your IT department. They can investigate the email and take steps to protect your organisation
• Don't forward the email.?Forwarding can spread the scam to others in your organisation
• Keep a copy of the email (as an attachment or by copying the content). This can be helpful for your IT department's investigation

Thank you for being part of the OneCollab community. We're here to support your cyber security journey every step of the way. If you have any questions, need advice, or want to explore collaboration opportunities, feel free to reach out to Ollie Rayburn, Head of Client Solutions at [email protected].

Wishing you a month filled with growth and success!

Warm regards,

OneCollab