Northampton Tel:01604 582000    Milton Keynes Tel:01908 887515

Phishing:Don’t be easy bait!

We’d like to start with a little story.

Cast your mind back just a few weeks to that long, blisteringly hot summer. It’s a balmy evening and Trevor the trout is happily swimming along in the lake, minding his own business. He’s a simple soul is Trevor, and he likes nothing more than meandering along among the rocks and algae, just taking it all in.

 

He’s heard tales of scary humans who sit by the water with big sticks, luring fish like him away from their families, but he’s never actually seen one himself. Besides, he’s careful. He wouldn’t get caught out like the other silly fish. “I’ll be fine” he says to himself. “Nobody’s going to pick on me.”

 

Out of nowhere, something above the water catches his eye. It’s the biggest, juiciest insect he’s ever seen in his life. It smells deliciously revolting, and he can’t resist it. He leaps towards the surface, catches it in his mouth and closes his eyes, ready to savour this fine delicacy.

 

Uh-oh. Before he has any time to think, poor Trevor’s flying through the air towards what he quickly realises must be one of those legendary scary humans.

He’s caught on a hook, and no matter how hard he tries he can’t get free.

Within a few short minutes it’s all over, and later that same evening he’s someone else’s dinner. The end.

Not exactly War and Peace, and we’re sorry if Trevor’s sad tale has put you off your tea. But we’re here to tell you all about phishing, and it’s got a lot more in common with the popular leisure activity than name alone.

What is phishing?

Cyber crime is big business, and phishing attacks are one of the baddies’ favourite routes into an organisation. You’ve probably heard of them, but you might not be 100% clear on exactly what they are and how they work.

Here’s a simple definition:

 

 

A phishing scam happens when a cybercriminal pretends to be someone else to gain information. Commonly they do this by sending fake emails designed to look like they’re from

a trusted source, such as the Chief Executive or Head of Accounts.

 

The aim is to make the victim feel a sense of fear, curiosity

or urgency so they quickly open a dodgy attachment, or send important details

like bank/credit card details, user names or

passwords.

They rely on the fact that most staff are eager to please their superiors and won’t question them, so they freely give out sensitive information they would normally

hang on to.