Hit enter to search or ESC to close
Phishing is one of the most common online scams according to Netsafe NZ.
Phishing is when someone sends you an email or text message pretending to be a real company or government agency. The aim of the cyber criminal is to trick individuals to give away personal information, such as passwords or credit card numbers. Emails may ask for details with some urgency in order to speed up a response. For example, you may be asked to click on a link which asks you to log into your bank account. While these messages look like they are personal to you, they are usually being sent to thousands of people at one time.
Whaling is a kind of phishing where hackers target the “big phish” – specifically managers and senior executives. These high-profile targets typically have access to more information and consequently the payoff may be bigger. Whaling can be used to try and fast track executive sign-off on a payment.
Know how to recognise valid emails.
If you think there’s a possibility that an email is not genuine, forward it to your IT team or manager. Do not respond to it.
Signs that it may be a phishing email include:
Employees should not open suspicious links in emails, tweets, social media posts, online ads, messages or attachments, even if they think they know the source.
Before clicking any links, users should hover their mouse over the link to see if the link will lead to the correct destination - the website address underneath the link should show up. Some links may look genuine, but lead you to a different, possibly fake or scam, destination or result in the downloading of a virus or malware onto the computer and into the workplace network.
Banks will never send an email which has a link or an attachment to their Internet banking site. You should always manually type a bank’s website address into the address bar rather than following a link.
If you are unsure about whether an email is from a legitimate company or government department, try calling the organisation that appears to have sent the email. Get the contact details from a previous account statement or invoice or look it up online. Do not use any of the details or links provided in the suspicious email until you have verified that the email is genuine.
Cyber risk Insurance protects you against cyber attacks through the Internet or email.
Our experts can work with you to create a tailored, cost-effective cyber Insurance package to safeguard you. We have cyber risk management packages for any size NZ business.