New research has revealed that PayPal was the most spoofed business in all financial phishing emails in 2021, accounting for 37.8% of attacks. Mastercard and American Express followed behind, with 12.2% and 10% share of attacks.
It’s because PayPal is so widely used – it has 392 million active accounts right now – that criminals pretend to be the online payments giant.
With a quick look, a typical phishing email really looks like it has come from the real business.
It will ask the recipient to update their details, or check for unauthorized activity. The worry that someone may have breached their account can cause people to let hackers in. Ironic, isn’t it?
Phishing is bad for anyone personally. But if hackers get into any business account, the resulting data breach can be devastating.
It’s absolutely vital that you educate all your people on the warning signs to look out for.
First, always check the link you’re being asked to click. Hover your mouse over the link and look at the URL. Does it look suspicious? Is the business name spelt correctly?
Check the address the email has been sent from. Does it look like a standard email address from the business? Or does it seem a little strange?
Look closely at the content of the email too. Emails from scammers will likely contain grammatical mistakes. They might not address you by name, and the layout may look slightly different to a genuine email from that company.
Trust your gut feel. You might feel it’s not quite right but be unable to say why. Don’t ignore that nagging feeling.
If you’re ever unsure, go to your browser and type in the real website address, then log into your account that way.
How protected do you think your business is? Are you certain all members of your team would spot a scam before clicking a link?
We’d love to help you review your data security and cyber-crime awareness training. Get in touch.
Published with permission from Your Tech Updates.
