Wednesday 26th June 2019
by Ken Walshe

Ken Walshe

Tips to help avoid being phished

We are all highly aware of phishing emails and the damage they can cause an organisation. But as we become more knowledgeable, hackers become smarter and now, business email accounts are targeted more frequently than Gmail.

avoid being phished

Here are some tips to help you avoid being phished

  1. Always check links before you click
  2. Are you expecting the attachment? If not, don’t click
  3. Do you know the sender? If not, be careful
  4. If your CEO suddenly asks you to do something ‘out of the ordinary’ for him or her, then check. It’s a common way (known as CEO and CFO fraud) to get access to internal systems or even transfer money to the criminal’s account.
avoid being phished

We are no longer fooled by the Nigerian Prince who needs access to our bank account to transfer his money, but there are modern day versions of this which are much more sophisticated.

Cyber criminals are in it for the long haul. Some try to form a business type relationship – perhaps based on mutual respect which starts on social media. They gain your trust before progressing to email and asking for something.

Do you know the sender?

Make sure you personally know the sender. Not only that, if the content looks dodgy, then check the URL by hovering over the link.  The latest phishing email can look like it comes from somebody you know (image below) but their account has been hacked or their address faked. The hackers send a “confidential document” stored in the cloud which you must click on to access.

In fact, when I received one of these from a known contact, I forwarded the email to my contact to let him know there was something dodgy going on. The criminals replied to let me know that it was a genuine email. (Most kind of them!) I subsequently phoned my contact to let him know.

avoid being phished


  • It’s easy to add a logo to an email to make it look real
  • It’s easy to set up a spoof email address
  • Links can be disguised to look innocent – always hover over the URL to avoid being phished

And of course, always report suspicious emails to your IT team or your trusted Managed Services provider. 

Join the discussion

Your email address will not be published. Required fields are marked *