Phishing emails are a prevalent plague to both companies and individuals across the UK. While many are easily spotted and disregarded, others use spoof tactics to convince recipients of their authenticity. Impersonating international authorities like the World Health Organisation or enterprise executives, these nefarious messages can cause havoc for firms when they fool their targets.
From inciting victims to download malware onto a company’s network to leading them to fake sites to harvest confidential credentials, the impact can be insidious. The best policy for firms identifying a phishing campaign in the UK is to inform the NCSC (National Cyber Security Centre). The next time you receive an email containing a scam, don’t hesitate and report it immediately.
How to spot a suspicious email
Phishing emails are fast becoming more difficult to identify with hackers using increasingly more complex tactics. Spear phishing attacks use public company details found online along with hacked Personally Identifiable Information (PII) to create more believable content designed to hoodwink users. The NCSC states on its site that even its experts sometimes struggle to identify this form of attack.
While misspelled words and poor grammar can be indicators of a phishing email, there are other signs to look out for. Messages requesting personal information like financial account details, national insurance numbers or passwords can be considered suspicious as no bank or government agency would request such information via email. Message content that contains large unverified links or urgently demands you download material onto your device should also be reported immediately.
Reporting to the NCSC
If you come across an email you are unsure of you can forward it to the dedicated Suspicious Email Reporting Service (SERS) at the NCSC. The email address is: firstname.lastname@example.org
Whether the email is from an individual you do not recognise or a company you would not normally communicate with, if the message makes you suspicious you should inform the NCSC. Reporting a phishing email can assist the security centre in acting rapidly to protect others from being impacted by the same attack.
While a large majority of suspicious emails reach the centre, if malicious messages have already been recognised by its spam detection system, they may be filtered out to reduce the quantity of phishing attacks requiring inspection. However, if you experience persistent phishing emails, the NCSC requests users highlight the issue with them for further investigation.
Figures from the end of May show the NCSC has received over 614,000 reports and it has successfully neutralised 4,530 harmful URLs and 1,117 scams.
Keeping your company secure against cybercrime
At Galaxkey, we have designed an innovative secure workspace that enables enterprises to safeguard sensitive systems and data from cybercriminals. Delivering robust security in the form of powerful encryption, our protocols can keep important and confidential information fully protected in the unfortunate event that your network or devices are infiltrated by attackers. Get in touch with our specialist team today and arrange a free 14-day trial to test out the numerous benefits of our secure platform.