What is Phishing?

Phishing is a form of scamming which involves sending emails or other communications pretending to be from reputable sources to deceive the receiver into revealing personal information. Most phishing is easy to spot due to spelling and grammatical errors. The sender's name might be familiar to the recipient, but the email address is obviously fake.


Recently, we've seen an increase in phishing emails that appear to come from the person they claim to be from, even when you check the sender's email address. This is called spoofing.


Often, this kind of email claims to contain a link to a document stored in a cloud service from Microsoft, Google or Adobe. The idea is that the recipient clicks on the link, which takes them to a login page where they will attempt to sign in, giving the phisher their password.
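The check below is an added example, not part of the original article: it flags links in an HTML email that name Microsoft, Google or Adobe in the subject or link text but point at a host outside that service's domains. The domain lists, the sample message and the names `BRAND_DOMAINS`, `LinkCollector`, `in_domain` and `suspicious_links` are assumptions made for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: illustrative, non-exhaustive domains for each named service.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com", "office.com", "sharepoint.com", "microsoftonline.com"},
    "google": {"google.com"}, "adobe": {"adobe.com"},
}

# Constructed sample message; the .test host is a placeholder.
SAMPLE = """\
Subject: Shared document via Microsoft OneDrive
Content-Type: text/html; charset="utf-8"

<a href="https://login.microsoftonline.com.docs-view.test/signin">Open in Microsoft OneDrive</a>
"""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def in_domain(host, domain):
    # Exact match or a true subdomain; a service name used as a prefix fails.
    return host == domain or host.endswith("." + domain)

def suspicious_links(raw):
    """Return (brand, host) for links that name a service but go elsewhere."""
    msg = message_from_string(raw, policy=policy.default)
    body = msg.get_body(("html",))
    collector, findings = LinkCollector(), []
    collector.feed(body.get_content() if body else "")
    for href, text in collector.links:
        host = (urlsplit(href).hostname or "").lower()
        claimed = (str(msg["Subject"]) + " " + text).lower()
        for brand, domains in BRAND_DOMAINS.items():
            if brand in claimed and not any(in_domain(host, d) for d in domains):
                findings.append((brand, host))
    return findings
```

A match is a reason to verify the message with the sender through a separate channel, not proof of phishing, since legitimate emails can mention a service and link elsewhere.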

Best tips to help you protect your account:

  1. Ensure two-factor authentication is enabled on your account.
    This is often referred to as 2FA. This second method of authentication will protect the account even if a scammer gets your password.

  2. Check the wording of the email. 
    Does the language sound like your colleague? If in doubt, ask them directly via a separate email or message (do not reply to the suspicious email).

  3. Educate your staff about what phishing is and how to spot it. 
    These types of attempts continue because they continue to be successful. Cyber security isn't just about the hardware or software "walls". People are an important part of defence, and this includes the company culture. It is important for people to feel comfortable asking for advice if they are unsure.