Data Phishing Scams You Need to be Aware of – June 2021

We had hoped that 2021 would bear little resemblance to 2020, the year everything stood still. While this unfortunately hasn’t been the case, there is one group of people who haven’t been on pause – phishing scammers.

During the 2020/2021 global pandemic, the Federal Bureau of Investigation (FBI) reported that phishing scams increased from 114,702 incidents in 2019, to 241,324 in 2020/2021. Alongside this, the scams themselves have become more elaborate and more convincing. So here is a rundown of the phishing scams you need to be aware of in 2021.

Office 365 Phishing Scam

With employees having to spend the last 18 months working from home, this scam has been developed to mimic a company’s IT department, asking people to respond if they want their details to stay the same on their Office 365 account. Once the individual clicks on the link, the scammer then gets access to their computer. With employees not being able to visit their IT department, this phishing campaign has had some success. So, here is what to look out for to stop it from happening to you:

  • Check the sender email – is this actually your IT department?
  • Is it asking for unusual or personally identifiable information?
  • Bad grammar, or a different tone to usual?
  • Poor quality artwork/logo?

If any of the above seem inconsistent, or something smells a bit phishy, get in touch with your IT team to check.

Vaccine phishing emails

With the Covid-19 vaccine rollout in place around the world, phishing scammers are taking advantage of people wanting to get their vaccine by sending emails posing as official NHS emails. Things to watch out for:

  • Asking you to open an attachment to book your vaccine, or to access vaccine appointment details. The official NHS emails will not ask you to do this. Remember, do not click on a link in the email until you are sure it is legitimate.
  • An urgent and/or capitalised subject line. Official vaccine sources are less likely to capitalise their entire subject line, and will appear more professional and less panic-inducing.

Here is an example of what the Covid-19 vaccine phishing emails look like:

Image

Royal Mail or other courier phishing emails/texts

With the reliance on online shopping during the pandemic, scammers have been exploiting this with fake courier emails and texts. Due to the increasing numbers of parcels being delivered, phishers have been finding success in sending missed delivery, or shipping fee emails/texts with phishing links attached. Most of the time, people are waiting for a delivery, so this can seem legitimate. Some things to look out for:

  • A missed delivery email/text when you haven’t ordered anything. These emails/texts work by scaring you into thinking someone has ordered something on your behalf, making you click on the link. A tip is to check your bank first: have there been any unusual transactions? If not, then contact the Royal Mail (or the other dedicated courier) on their dedicated scam helpline (reportascam@royalmail.com). They will be able to confirm if it is genuine, or a scam.
  • ‘Unpaid shipping costs for your package’ – these are less believable, but they do sometimes catch people off guard. After all, you only have to click on the link, and with more people ordering from international sellers, shipping costs/tariffs are becoming more of an issue.

If you receive these kinds of communications, do the usual checks. Does this email look genuine? Does it have bad grammar? Who is the sender? If you are still unsure, contact the courier directly.

While these are some of the trending phishing scams over the past year, they are not the only ones being used. The sad reality is that new phishing techniques will be developed every day. However, there are things you can do to protect yourself and your business.

Click here for our tips on how to spot a phishing email, and here to help your business develop knowledge on cyber security and phishing with our Cyber Security eLearning collection.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.
