Skip to main content
Back to News

Gone fishing, or is that phishing?

13th June, 2017

You receive an e-mail from what appears to be a reputable company, for example a well known online retailer, Government department, Apple/Microsoft or a major bank. It is likely to have a veiled threat with a ‘call to action’ within it.

Phishing, spear phishing, trawling, whaling – what does it mean?

It’s all a form of hunting and you’re the potential prey. These are all terms created by ‘techie geeks’ for techniques they use to get you hooked – ultimately getting something of value from you.

What could that be?

A password to an e-mail account, information about your business or even your banking or credit card details, in order to steal your money or identity.

It follows the simple fishing principle of throwing some bait into the pool and seeing what bites. The emails are sent to thousands, sometime millions of mail accounts, in the hope someone bites. Clearly the more they send the bigger the success, and because of the technology they use it’s almost zero cost to the criminal.

The way phishing works

You receive an e-mail from what appears to be a reputable company, for example a well known online retailer, Government department, Apple/Microsoft or a major bank. It is likely to have a veiled threat with a ‘call to action’ within it.

An example would be ‘Your account is about to expire, you need to re-verify your details urgently’ or maybe warning of an outstanding invoice that needs to be paid immediately.

They’ll try to catch you off-guard. One of the favourite ways is drop a message in your mailbox late on Friday afternoon, everyone knows it’s POETS day and you’re more likely to click through, as you’re distracted by the thought of the much deserved weekend beer, wine or maybe even champagne, if it’s been a good week.

It may have an attachment such as an alleged invoice or receipt, or an embedded link, which it asks you to click on to validate your credentials. Chances are the attachment is loaded with malware (more tech talk for dodgy software), or the website you are directed to is a mocked up criminal website, to look like the one you thought it would be. This too may be laden with doom based software or just crafted to collect user details.

These guys are good. Some of the spoofed websites are really convincing, others are poorly built sites with little or no resemblance to the original, but remember, you’re now interested in the juicy bait wriggling on the hook. Oh, and don’t forget it’s still Friday!

So, you open the attachment with peaked interest. You’re likely to be presented with something that you can see is utter tosh, nothing to do with you, never heard of them, chancers. But you’re smart and you’ve seen through their little game, and you send it on its merry way to the recycle bin.

At this point, you’re feeling pretty good. You’ve realised at best this is spam, and at worst something nasty, but it’s fine because you’ve deleted it. Alas, superhero, the deed is done, you’ve opened the attachment and you’ve been caught. Your machine is now likely infected, and may even be sending personal details surreptitiously to the phisherman (sorry, we just made that word up). In other words, you’ve taken the bait and are now caught on the proverbial phishing line.

This is the first of an occasional series of blogs we are creating to highlight some of the security risks to you, your team and your business.

We appreciate this is a very dry topic, so we want to ease you in gently. But rest assured, this is a very serious subject, and the cost for becoming a victim of cyber fraud can be huge.

If you are concerned your business is already at risk, please contact us immediately on 01784 437 123.

Related articles

Data is your responsibility – even if you outsource!

In today's digital age, data is a valuable asset for any business. It can be used to drive growth, improve customer engagement, and gain a competitive advantage.

Read More

Embrace the AI-powered future of work

Transform your daily workflow with Copilot for Microsoft 365, seamlessly integrated into familiar tools like Teams, Word, Excel, and more. This next-gen AI, powered by extensive language models and your Microsoft Graph data, turns natural language into a potent productivity tool. Elevate creativity and efficiency with Copilot, revolutionizing the way you work.

Read More

Building a Collaborative Environment with Microsoft Teams 365

In today's fast-paced business world, effective collaboration is crucial for success, regardless of company size. Microsoft Teams 365 is a powerful tool that streamlines teamwork, boosts efficiency, and simplifies communication. Recent data shows its user base grew from 300 million to 320 million in 2024. Offering chat, video calls, file sharing, and seamless integration with…

Read More

Safeguarding Your Data: Backup and Recovery with Azure

Microsoft Azure offers robust backup and recovery solutions that can help you ensure business continuity and peace of mind..

Read More