Have you ever dealt with a ‘spoofed’ or fraudulent email?
Phishing is not something that only corporations have to look out for, in the US the FBI recently
reported the most common type of cyber crime was phishing.
So, how can you protect yourself or your business from phishing attacks?
1. Don’t let your email addresses be a resource for attackers
Make it harder for emails from your domains to be spoofed by employing the anti-spoofing controls DMARC, SPF and DKIM - and encourage your contacts to do the same.
2. Reduce the information available to attackers
Consider what information visitors to your website need to know, and what details are unnecessary (…but attackers might find useful).
The NEBRC Student Services programme can support a digital investigation, which is useful in defending against phishing. For further information visit: https://www.nebrcentre.co.uk/online-footprint-assessment
3. Filter or block incoming phishing emails
Check all incoming emails for spam, phishing and malware. Suspected phishing emails should be filtered or blocked before they reach your user.
If you use a cloud-based email provider, ensure that the filtering/blocking service is sufficient for your needs, and that it is switched on by default for all your users. If you host your own email server, ensure that a proven filtering/blocking service is in place.
For more information on how to stay safe online visit our website https://www.nebrcentre.co.uk/ where we offer a range of resources, including a FREE core membership package.