We had hoped that 2021 would bare little resemblance to 2020, the year everything stood still. While this unfortunately hasn’t been the case, there is one group of people who haven’t been on pause – Phishing Scammers.
During the 2020/2021 global pandemic, the Federal Bureau of Investigation (FBI) reported that phishing scams increased from 114,702 incidents in 2019, to 241,324 in 2020/2021. Alongside this, the scams themselves have become more elaborate and more convincing. So here is a rundown of the phishing scams you need to be aware of in 2021.
Office 365 Phishing Scam
With employees having to spend the last 18 months working from home,, this scam has been developed to mimic a company’s IT department, asking people to respond if they want their details to stay the same on their Office 365 account. Once the individual clicks on the link, the scammer then gets access to their computer. With employees not being able to visit their IT department, this phishing campaign has had some success. So, here is what to look out for to stop it from happening to you:
- Check the sender email – is this actually your IT department?
- Is it asking for unusual or personal identifiable information?
- Bad grammar, or a different tone to usual?
- Poor quality artwork/logo?
If you spot any of the above are inconsistent, or something smells a bit phishy, then get in touch with your IT team to find out.
Vaccine phishing emails
With the Covid-19 vaccine rollout in place around the world, phishing scammers are taking advantage of people wanting to get their vaccine by sending emails posing as official NHS emails. Things to watch out for:
- Asking for you to open an attachment to book your vaccine, or to access vaccine appointment details. The official NHS emails will not ask you to do this. Remember, do not click on a link in the email until you are sure it is legitimate.
- An urgent and/or capitalised subject line. Official vaccine sources are less likely to capitalise their entire subject line, and will appear more professional and less panic-inducing.
Here is an example of what the Covid-19 Vaccine pishing emails look like:
Royal Mail or other courier phishing emails/texts
With the reliance on online shopping during the pandemic, scammers have been exploiting this with fake courier emails and texts. Due to the increasing numbers of parcels being delivered, phishers have been finding success in sending missed delivery, or shipping fee emails/texts with phishing links attached. Most of the time, people are waiting for a delivery, so this can seem legitimate. Some things to look out for:
- A missed delivery email/text when you haven’t ordered anything. These emails/texts work by scaring you to think someone has ordered something on your behalf, making you click on the link. A tip is to check your bank first, have there been any unusual transactions? If not, then contact the Royal Mail (or the other dedicated courier) on their dedicated scam helpline (reportascam@royalmail.com). They will be able to confirm if it is genuine, or a scam.
- ‘Unpaid shipping costs for your package’ – these are less believable, but they do sometimes catch people off guard. After all, you only have to click on the link, and with more people ordering from international sellers, shipping costs/tariffs is becoming more of an issue.
If you receive these kinds of communications, do the usual checks. Does this email look genuine? Does it have bad grammar? Who is the sender? If you are still unsure, contact the courier directly.
While these are some of the trending phishing scams over the past year, they are not the only ones being used. The sad reality is that new phishing techniques will be developed every day. However, there are things you can do to protect yourself and your business.
Click here for our tips on how to spot a phishing email, and here to help your business develop knowledge on cyber security and phishing with our Cyber Security eLearning collection.