Skip to content

You get a request in an email. Do you action it?

Lantech Feb 28, 2023 2:54:48 PM
A computer screen with the email icon popping up

I guess if you’re asked to transfer your life savings to someone you’ve never heard of, you’ll know it’s a scam. But what if everything looks okay? What if it seems to be from someone you know, chasing up an action, or requesting payment for work that’s been done? That’s got to be okay, hasn’t it?
 
 Well, unfortunately, no. More and more hackers are breaking into email threads and pretending to be the original participant. You were exchanging legitimate messages with Fred, but now you’re corresponding with a cybercriminal who has snaffled enough information – names, logos and other details – to make his request seem legitimate. 
 
 It’s a smart trick because it’s not easy to spot. And, unfortunately, it’s increasingly common. Reported cases of email thread hijacking doubled in the last twelve months. And the attacks come in different guises. If they don’t include a payment request, don’t assume you’re safe. Click a link in one of these messages and you could unleash malicious software without even being aware. You could accept an invitation and disclose personal information that puts you at risk. 
 This is a real threat. Even if you’re aware of the email hijacking trend, in the busy day-to-day routines of work life, it’s easy to trust the messages that drop into your inbox. It’s even easier to be fooled when you’re already in the midst of an email conversation. 
 
 We urge you to treat everything with caution, scrutinise details, and don’t assume that because you know the name of the apparent sender that the message is genuine. 
 
 What can you do to protect your business?
 𝐒𝐭𝐚𝐫𝐭 𝐇𝐞𝐫𝐞 📍
 1. Implement the basics: like removing local admin rights from all computers (take our 15 step checklist and see how many of the basics you have enabled)
 2. Have robust accounting processes: for example PO number, approval policy, double verification for payments and bank detail updates etc.
 3. Ensure your staff are up to date with cyber security with a simple and regular training program 
 4. Speak to your provider or give us a call, it doesn’t cost a penny to have a chat.
 IT all starts here – book a meeting