Protect Your Business From Phishing Emails
Phishing/scam emails have always been about, email spoofing is a popular tactic used in this. However the amount of spoofed emails being sent has risen massively over the past years and is still continuing to increase. The sophistication of these emails and their accuracy has also increased over time as well.
A spoofed email is a email message with a forged senders address. For example you receive and email from that looks like it is from one of your suppliers which asks you to pay the amount in an invoice which has been attached with the email. On the face of it the email will look legitimate but it is from a different sender. If you where to look into the backend of the email you would see that it did not come from the sender that it was made out to of come from. The aim of these emails is purely financial.
Our clients send in these emails to us from time to time to be checked out. Microsoft Office 365 and Gmail Business do have some in built tools to protect you from spoofed emails. However the recommend best practise is to get additional protection put in place. Something that includes inbound and outbound email scanning, this way spoofed emails will be identified and blocked. However nothing is 100% so keep security in mind, check the sender when you receive an email with an invoice attached to it. Especially if it is one that you are not expecting of if it looks different to the emails that, that sender normally sends you. Forward these emails to your IT team, or IT support company as well.
A good product for email security is Sophos Central Email Protection Advanced. We use this internally ourselves and have it installed in most of our client’s office. Since using this product we have seen that the number of spoofed emails getting through the security filters has dropped drastically. Along with the essential email anti-virus features this products inbound email scanning that uses a combination of SPF, DKIM and DMARC authentication techniques and email header analysis which identifies and permits legitimate genuine emails whilst the fake ones are blocked. Something like this helps a lot because you have a tool which is doing the checking work for you automatically.
If you liked reading this post please subscribe to our blog, we put out information regularly which we hope you enjoy reading. If you are interested in protecting your business from phishing/spoofed emails then feel free to email us on firstname.lastname@example.org or click here to learn more about the different services that we provide. We are an IT support company based in London and can help you with any of your technology needs.