Become your own Cyber Security Investigator

Phishing is a really common form of cybercrime where victims receive unsolicited emails that appear to be from an official person, organisation or government agency. A phishing email, also known as a phish, will lure victims in using offers of tax refunds, free gifts, or requests for urgent action from Senior Management. The phish typically includes a dangerous link, which can result in malware being installed on your device or user credentials/payment card details being stolen. In cases without a link there may be a request to pay an invoice or change banking information.

The recipient should contact the requesting organisation to verify any requests but should NEVER reply to the email and NEVER use the contact details contained in the email.

Phishing campaigns can be broad in nature where everyone in an organisation or distribution list is contacted in the hope that one or more individuals will respond to the phish or they can be targeted at individuals who work in certain roles such as Finance or Senior Management.

• The National Cyber Security Centre (NCSC) Working From Home Security Advice has a section dedicated to phishing.
• USA National Institute of Standards and Technology (NIST) advice on phishing.
• If you believe you are the victim of a cybercrime.