Chris Underhill, CTO of Equiniti Cyber Security, shares his top tips for how to avoid email scams and cyber-crime.
According to Chris Underhill, unsure recipients should follow these six tips:
1) Are you expecting the communication?
If you didn’t ask for it, then immediately treat it as suspicious until you can prove otherwise. Remember, if it causes you any doubt then do nothing. Urgent legitimate unsolicited communication can always be resent to you.
2) Look at the ‘From’ address of the email, to see whether it looks suspicious?
If the email asks you to respond via email, click reply and look at the displayed ‘To’ field. The email might tell you it’s from your CEO but your reply is being sent elsewhere, e.g. ‘firstname.lastname@example.org’
3) Do not click or open attachments unless you specifically requested them
Criminals will try to get you to open an attachment that may compromise your computer.
4) Beware calls to action
Phishing requires you to act in order for the attack to be successful. Any communication that requires you to immediately do something should cause you to stop and consider what the communication is actually asking you to do. The use of fear and alarm are common tactics to lure potential victims to engage. This could be an email from your CEO, your bank or even an email from a trusted friend.
5) Check links carefully
Spammers will often try to trick you using sub-domains that don’t match the origin sender for example: http:// paypal.paypal-payments.com. digi1-pay.net does not belong to Paypal. Phishing sites are hosted on websites that are not related to who they say they are, so check a link carefully before you decide to click it. You can do this by hovering over the link with your mouse.
6) Trust nothing
Communications must prove themselves to be legitimate. If it gives you any cause for concern, delete it.
“The most important thing is to understand what phishing (whereby someone steals your personal information by way of impersonation) actually is.
Be aware that criminals will constantly try to motivate you to handover your information through trickery and fear.
These attacks will come into your work life and your personal life so make sure you understand that it is entirely possible for someone to impersonate someone within your organisation, to try and force you to hand over private details.”
Chris Underhill, CTO Equiniti Cyber Security
Equiniti is an award-winning specialist outsourcer delivering technology-enabled solutions to large enterprises. It processes £90 billion in payments every year, handles 88 million documents and pays 20% of pensioners in the UK. We are acknowledged leaders in many of our markets and keep things running smoothly for some of the UKs best known brands and public-sector organisations. Equiniti’s industry-leading standard was officially recognised at Shares Awards 2017, winning the Best Share Registrar and Best Investor Education categories.