There is now a great pressure on email fraud (phishing). Here comes some info on what it is and how you can best protect yourselves.

What is phishing?

Phishing is a targeted attack on a person or business. The attacker gathers information in advance, such as about customers, suppliers, agreements, and partners. This information is used to send you an email that seems credible and reliable. In the email you might, for example:  

• be asked to click on links/attachments 

• be asked to provide access to accounts/usernames/passwords from someone who appears to be a colleague/friend/reliable person 

• receive a link to a website where you are asked to enter personal or sensitive data (PIN codes/login details/access codes). 

Examples of typical scenarios an attacker will mimic:

• there is an issue with an invoice.

• that there has been suspicious activity on an account.

• the user needs to log in to confirm an account or password. 

• the user needs to provide credit card information or bank account details and/or other information.

This is anti-phishing (software)

To identify and notify users about suspicious phishing communication, you should use software that protects you and the company from phishing – anti-phishing. The software monitors all emails coming in and out of the company, and uses artificial intelligence to check if the content is reliable. The most advanced tools combine “computer vision” with deep sender analysis to uncover even the most difficult attacks. 

All emails come with a sender signature, a bit like a fingerprint on a letter. The anti-phishing program verifies that the fingerprint matches the sender and that it is not a “hacker” pretending to be your colleague. Furthermore, all emails come with a text, but unlike a physical letter, you can hide part of the message behind “invisible codes”. This means that all normal mail protection programs can see “H123e123i123” in emails where you see “Hello”. How will they then manage to understand that you are being tricked into paying an invoice that does not exist?

What can you do?

• Be extra cautious if you receive an email from an unknown sender. If you suspect it is a phishing email; do not respond - delete the email. We recommend that you contact the IT responsible in the company. If you do not have a responsible person, you can call one of us – we will gladly help you!

• Never open links or attachments from unknown email senders.

• Do not share personal information on forms that appear on websites (pop-ups).

• If you are asked to pay or do something unexpected – get verbal confirmation from the person in question.