Phishing Emails

A fantastic example of a Phishing email that has got through our various layers of filtering at the business.

After a millisecond of excitement thinking that I have had something back from the government, realisation kicks in (who gets money back from the Government ?) and red flags start to appear.

Firstly look at the Subject line. They are making it great to look at and inviting you in by using words such as Automatic Payment, Payment Return. Secondly look at the date format, a few months and dates you could get away with a US formatted date, but not today.

Secondly, the from address. Its always worth a glance at the header information here, you can see the real email address being from telenet.be – not a gov.uk site. This should raise suspicions that its not a valid government email address.

Thirdly, I never pay on the credit card, and not entirely sure HMRC would allow it, any money owing.

Above we hover over the link to the alleged payment return Gateway Service (these guys know about the term Gateway with the UK Government), shows us going to some weird domain, another red flag…..

We advise customers to never click on any link in an email unless you are 100% sure its legitimate. If in any doubt, completely separately log into the website by manually typing out the domain name. For example, if you get an email from NatWest saying click here to log in, but you arent sure, just open a web browser and independently sign in

We went a step further, in the interest of education, to have a look at what this site was looking for. We did this in a sandbox environment, meaning if anything happened, Ransomware, Virus or alike, its all contained in a self contained environment.

First issue we notice, is that its not, again, a gov.uk address. This should ring alarm bells.

The actual phishing site looks good. All helpful, educating the phishee (if thats a word) about what they will need to proceed.

Google Chrome doing a great job of telling us its suspicious, lets go one more step 🙂

So at the end of all that, its asking for quite a lot of personal information, and in the next few screens its asking for bank account information, credit card info, including the CVV code.

Past Blogs

benefits of cybersecurity

Benefits of CyberSecurity

The benefits of cybersecurity. With vast amounts of information are stored online, the benefits of robust cybersecurity are more vital than ever. At Network &...
what is dmarc

What is DMARC

What is DMARC and Why Does Your Business Need It? When it comes to protecting your business from cyber threats, email security is often overlooked. Yet, email is one of...
Why is password management software important

Why is Password Management Software Important

Why is Password Management Software Important for Your Business? In today’s digital world, passwords are the keys to your business’s most sensitive information. From...
What is Email Filtering ?

What is Email Filtering and Why Every Business Needs It

Email is the lifeblood of business communication, but it’s also one of the most vulnerable entry points for cyberattacks. According to research, 96% of cyber threats...
What’s your business’s view on Return to Office?

What’s your business’s view on Return to Office?

Do you love keeping your employees happy by allowing them to work remotely? Or do you think everyone is more productive in the office? Businesses are divided on this...
Outdated backup systems could leave your business vulnerable

Outdated backup systems could leave your business vulnerable

When did you last review your business’s backup tools? Outdated backup systems can fail to protect you from modern threats, like ransomware attacks. If you want a...
Microsoft’s fixing this annoying Windows 11 fault

Microsoft’s fixing this annoying Windows 11 fault

Fed up seeing useless “Recommendations” in the Windows 11 Start menu? Good news – Microsoft’s making them more helpful. Here’s how the improvements could help your team...
Beware that corrupted email attachment: It could be a scam

Beware that corrupted email attachment: It could be a scam

Cyber criminals get more creative every day. The latest scam designed to steal your business data uses corrupted Word files – and getting fooled is easier than you...
Are your employees your security’s weakest link?

Are your employees your security’s weakest link?

Great employees have the same goals you do. But while they’re working hard to help your business succeed, they could accidentally be opening the door to cyber...
The two big threats of doing business on public Wi-Fi

The two big threats of doing business on public Wi-Fi

Public Wi-Fi can be a lifesaver when you must send an urgent email while out of the office. But did you know it can also put your business data at risk? These are the...