Read our guides about Microsoft Small Business ServerMicrosoft SBS

 

What does the future hold for
you and Small Business Server?

Read our Guide

Small  IT Support for Small BusinessesSecurity Solutions for Small Businesses
Business
ServicesEmail Hosting for Small BusinessesTelephony Solutions for Small Businesses


Advice, technology and support
for small businesses

Take a look at our services

DR-icon-colour

Business
As Usual?

 

Minimise interruptions to your business.

Disaster Recovery Services.

VoIP icon 60-60

Ring The Changes

 

Time to reduce your telephony costs!

VoIP Telephony Solutions

Email Phishing Warning

Recently we had a couple of customers getting in touch to ask about phishing emails - messages that appear to contain links to a known brand (a bank or places such as Paypal), but in fact are false pages usually containing either malicious code that will try to infect your pc, or a form that stores the personal information you are asked to put in.

Now, phishing emails are hardly new of course, but while the last 12 months have seen the levels of mass spam fall sharply due to much better anti spam solutions like we ourselves deploy, the number of more targeted messages containing malware have exploded in number.  This is down to the individuals and groups behind spam attacks waking up to the realisation that email quality, not quantity, can be more profitable - and you need to be aware.

So, what is going on right now, and how can you avoid getting hooked by a phishing mail?

Firstly, you need to be vigilant and, sadly, not trust messages even seeming to come from people you know well. We've noticed a major increase in public email accounts used by friends - Yahoo, hotmail etc - being broken open, which the hacker then uses the address book and inbox details to distribute phishing messages to, or spoofs the sender details so that you think it coming from someone you know.  For businesses, you may have a message arrive from someone who you have previously been in contact via an email marketing list or an inbound enquiry. Let's take a look at an example below:

Typical phishing email - looks genuine, doesn't it?

The actual content of the email itself will usually look perfectly legitimate; the people behind these phishing scams are putting together much better messages now with rarely any spelling errors or laughable grammar.  The more targeted nature of the messages means that they are often able to get past mail filters before they are updated - and if the message comes from the account of a friend of yours then they are even more likely to get into your Inbox.

But they will always have a tell-tale flaw which is easy to spot.

But when you hover your mouse over a link......

Any message you receive can be easily checked if it is genuine or not; just hover your mouse over the links to see the URL (be careful not to click on them though).  If the address is the same as the name of the brand, then there is a moderate chance it is a genuine email from them.  If the address is not similar to the name of the brand concerned, then it most likely not genuine and the email just deleted.

That all sounds simple enough, but you can also double-protect yourself by simply not clicking on any links in any emails.  If you have a message claiming to be from your bank for example, instead of using the link in the email just go to their website instead.  For the sake of manually typing in their website address you might avoid a lot of heartache later on.

If you are concerned about how these attacks may affect your business systems - especially if one of your staff accidentally clicks on a dangerous link in an email - then feel free to get in touch. We're always happy to give advice and help and hopefully keep you well away from being hit by attacks such as these, but for now I hope the advice above is of use and stay safe.