Security insight: How do phishing attacks infiltrate your inbox?

Have you ever wondered how phishing attacks get into your inbox?

Most email providers, such as Outlook and Gmail, have built-in features to filter out potential threats.

On top of this, your organisation needs extra security measures to help protect your accounts. However, even with these deployed, scammers find clever ways to bypass your security processes and creep into your inbox. 

Technical Tactics

Security filters work by looking for specific text patterns, file formats, or links to suspicious websites. Scammers can bypass these features by hosting malicious files on sharing services like Dropbox or Google Drive. Typically, your email filters cannot see any threats from the linked files if hosted on trusted websites. 

One key tactic for noticing phishing emails and avoiding falling victim is never trusting a link within an email that you were not expecting, even if it appears to be from a trustworthy website. 

Social Engineers

Security filters are great until scammers send phishing emails that don’t include links or attachments, as these can go under the radars. They use a social engineering technique when a scammer poses as someone else and tricks you into sharing sensitive information. The phishing email will typically appear from someone important within your organisation, such as the CEO or HR manager. The scammers then use this to disguise and trick you into sending a confidential attachment or even sending money over to them. 

Stop and think before you click!

Have you received an email from this contact before? Is this an unusual request? Should this person have contacted you another way regarding this? 

When dealing with suspicious emails, it is important to use common sense and think logically about the nature of what you have received. 

Do you need more advice and support with your cyber security? Why not get in touch with our experts? 01482 420150 or book a meeting with one of our team.

‍