Skip to main content
Back to News

Gone fishing, or is that phishing?

13th June, 2017

You receive an e-mail from what appears to be a reputable company, for example a well known online retailer, Government department, Apple/Microsoft or a major bank. It is likely to have a veiled threat with a ‘call to action’ within it.

Phishing, spear phishing, trawling, whaling – what does it mean?

It’s all a form of hunting and you’re the potential prey. These are all terms created by ‘techie geeks’ for techniques they use to get you hooked – ultimately getting something of value from you.

What could that be?

A password to an e-mail account, information about your business or even your banking or credit card details, in order to steal your money or identity.

It follows the simple fishing principle of throwing some bait into the pool and seeing what bites. The emails are sent to thousands, sometime millions of mail accounts, in the hope someone bites. Clearly the more they send the bigger the success, and because of the technology they use it’s almost zero cost to the criminal.

The way phishing works

You receive an e-mail from what appears to be a reputable company, for example a well known online retailer, Government department, Apple/Microsoft or a major bank. It is likely to have a veiled threat with a ‘call to action’ within it.

An example would be ‘Your account is about to expire, you need to re-verify your details urgently’ or maybe warning of an outstanding invoice that needs to be paid immediately.

They’ll try to catch you off-guard. One of the favourite ways is drop a message in your mailbox late on Friday afternoon, everyone knows it’s POETS day and you’re more likely to click through, as you’re distracted by the thought of the much deserved weekend beer, wine or maybe even champagne, if it’s been a good week.

It may have an attachment such as an alleged invoice or receipt, or an embedded link, which it asks you to click on to validate your credentials. Chances are the attachment is loaded with malware (more tech talk for dodgy software), or the website you are directed to is a mocked up criminal website, to look like the one you thought it would be. This too may be laden with doom based software or just crafted to collect user details.

These guys are good. Some of the spoofed websites are really convincing, others are poorly built sites with little or no resemblance to the original, but remember, you’re now interested in the juicy bait wriggling on the hook. Oh, and don’t forget it’s still Friday!

So, you open the attachment with peaked interest. You’re likely to be presented with something that you can see is utter tosh, nothing to do with you, never heard of them, chancers. But you’re smart and you’ve seen through their little game, and you send it on its merry way to the recycle bin.

At this point, you’re feeling pretty good. You’ve realised at best this is spam, and at worst something nasty, but it’s fine because you’ve deleted it. Alas, superhero, the deed is done, you’ve opened the attachment and you’ve been caught. Your machine is now likely infected, and may even be sending personal details surreptitiously to the phisherman (sorry, we just made that word up). In other words, you’ve taken the bait and are now caught on the proverbial phishing line.

This is the first of an occasional series of blogs we are creating to highlight some of the security risks to you, your team and your business.

We appreciate this is a very dry topic, so we want to ease you in gently. But rest assured, this is a very serious subject, and the cost for becoming a victim of cyber fraud can be huge.

If you are concerned your business is already at risk, please contact us immediately on 01784 437 123.

Related articles

Case Study 2: Building Success with Microsoft Copilot

See how fictional UrbanBuild Constructions leveraged Microsoft Copilot to transform their construction project management, resource planning, and financial oversight. This case study of founder Alex Rodriguez highlights how Copilot's AI-powered tools helped them complete projects faster, optimise resources, improve budgeting, and set their growing company up for long-term success.

Read More

Case Study 1: Navigating Success with Microsoft Copilot

See how embracing Copilot helped streamline operations, improve efficiency, boost customer satisfaction and lay the foundation for growth.

Read More

IT Automation and Apps

Businesses are adopting IT automation and apps to enhance efficiency. IT automation uses technology to streamline tasks, while user-friendly apps play a key role. Benefits include increased productivity and enhanced security. Choosing the right apps involves considering compatibility, functionality, ease of use, scalability, and security.

Read More

Cyber Essentials and Cyber Essentials Plus

Obtaining both Cyber Essentials and Cyber Essentials Plus certifications can be beneficial for organisations, as they provide different levels of cybersecurity assurance and serve distinct purposes. They are schemes developed by the UK government to help organisations, both in the public and private sectors, improve their cybersecurity position. These schemes are designed to provide a…

Read More