​

While email phishing scams are not new, the continued prevelance of this type of attack shows that it is still an effective method of comprising targets.

​

Business Email Compromise (BEC) is a scam often against organisations that often transfer  money between organisational element or to suppliers.  Email accounts of executives or high-level employees related to finance are either spoofed or compromised through the use of targeted spear-phishing attacks, in order to carry out fraudulent transfers which result in potential financial losses in the hundreds of thousands of whichever currency is in use by the organisation. 

​

In addition to financial fraud, phishing emails are often used to obtain credentials for account logins, whether it be email, website login or social media account.

​

While number of technical solutions exist to mitigate the risk from phishing-related emails, there is always the possibility that phishing emails may slip through the net, particularly if user credentials have previously been compromised and emails are seen to be originating from an 'internal' account.

​

Both vishing and SMShing are similar attacks to phishing, the difference being that the attack is initiated through a phone call or SMS message.  Calls/messages are often used to persuade recipients to carry out a particular action or go to a specific website, or simply to initiate some other measure of response. 

​

We can work with your organisation to identify the risk from phishing, vishing, and SMShing attacks through analysis of current business activities, running simulations to test awareness, and implement multiple measures to mitigate the risk from these types of attack.

​

​​​Please contact us for more information and to discuss your requirements in this area.