Phishing scams, data breaches and ransomware attacks can all too easily be thought of as things that happen to ‘other people’. There are countless news stories about an ‘unnamed employee’ at some company or local government body who clicks on a link and costs their company millions of pounds.

But, as IT Governance knows only too well, phishing emails are not something that only happens to other people. A member of our staff recently shared a phishing email he received, supposedly from HM Revenue and Customs. Had he not been so aware, he could have found himself victim to one of the most common types of cyber attack.

HMRC scam

The email claimed that the recipient was due a large tax refund:

Fortunately, this scam wasn’t particularly persuasive and included plenty of signs that point to its true nature. In the following blog, we outline some easy telltale signs and how you and your organisation can stay safe and alert to potential risks.

  1. Check the email address

The email is sent from an address ending “gou.co.uk”, imitating the UK government’s “.gov.uk” web address, and the message’s content lacks any of HMRC’s branding or imagery.

  2. Spelling and grammatical errors

The content is also littered with spelling and grammatical errors: a randomly capitalised “Can”, the phrase “As example”, the space between it and the comma that follows – and again before the full stop at the end – and whatever is happening with “click”.

  3. The message

The message itself is also suspicious. Unsolicited messages claiming that the recipient has received a large windfall are rarely genuine. Consider how the organisation usually operates: for example, HMRC makes a point of NOT notifying people of tax rebates or repayments by email.

  4. Masked Addresses

The scammer’s hook – the big blue link that they want you to click – looks authentic. It would be easy to skim over the message and just click the link, which uses the UK government’s actual address, “gov.co.uk”, and which legitimates itself with the secure protocol “https”. But this is a masked address. Hovering the mouse over the link reveals that its true destination is a completely different website with a different domain name.

  5. Lack of Contact Information

A lack of alternative contact details, or details which do not look legitimate, can call the authenticity of the email into question. Alternatively, as is the case with HMRC, a forwarding address for suspicious emails may be provided.

These all make the email identifiable as a phishing scam. However, there are additional signs you should be wary of:

  1. The email is not addressed to you personally or formally (this can include using your username)
  2. Requests for personal or bank details
  3. An implication of urgency or a time limit
  4. Attachments which are not in a standard file format
  5. The lack of a signature

CCS IT Solutions’ team has been supporting businesses with IT services in Manchester and across the UK for over twenty years. Our service focuses on providing secure, efficient and cost-effective IT solutions to support businesses’ everyday operations.
