Why phishing awareness matters
Phishing is one of the most common and costly cyber threats facing small businesses. It is a type of scam where cyber criminals impersonate trusted sources, often through emails or texts that look genuine but are designed to trick you or your team into clicking a malicious link, sharing sensitive information, or even making payments to fraudsters.
Most successful cyber-attacks succeed not because of technical flaws, but because someone is caught off guard or rushing. Taking a moment to think before acting is your best defence, and it’s something we can all do, together.
How to spot a phishing email
Here are our five practical tips to help you and your team stay safe:
- Double check who it’s from: Look out for sneaky email addresses that mimic trusted ones but have small changes (e.g. contact@supplier.com.au vs contact@supplier-express.com.au). If something looks off, don’t click it.
- Don’t let urgency steal your festive cheer: Scammers love to use phrases like “Your account will be closed today!” or “Immediate action required” to make you act without thinking. Take a breath and check twice before you click.
- Hover to uncover: Before you click any links, hover to preview the URL. If it looks suspicious or doesn’t match the sender’s organisation, it’s best to leave it unopened, just like a dodgy gift.
- Look out for spelling mistakes and poor grammar: Watch for subtle spelling or grammar mistakes; even small errors can be a sign something’s off. If in doubt, verify the message by contacting the organisation using details you’ve found yourself, like from their official website. Always access secure portals or apps directly, never via email links.
- Keep your information to yourself: No reputable company will ask for your passwords or credit card details via email, text or phone. If in doubt, check through official channels.
We’ve also created these tips as an easy-to-download poster. Print it out and put it up on your workshop wall or save it somewhere visible, so you and your team can refer to it whenever you’re unsure.
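The sender, urgency and link checks from the tips above can also be automated. This is an added Python example, not Capricorn's code; the trusted-domain list, the function names and both sample emails are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: domains your business really deals with (constructed sample).
TRUSTED_DOMAINS = {"supplier.com.au"}
URGENCY_PHRASES = ("your account will be closed today", "immediate action required")


def domain_of(address_or_url):
    """Return the lower-cased host of an email address or URL."""
    if "://" in address_or_url:
        return (urlparse(address_or_url).hostname or "").lower()
    return address_or_url.rsplit("@", 1)[-1].strip().lower()


def is_lookalike(domain):
    """True when an untrusted domain borrows the name of a trusted one."""
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return False  # the real domain, or one of its subdomains
    return any(t.split(".")[0] in domain for t in TRUSTED_DOMAINS)


def check_email(sender, body_text, links):
    """Return a list of warnings; links is [(visible_text, real_url), ...]."""
    warnings = []
    sender_domain = domain_of(sender)
    if is_lookalike(sender_domain):
        warnings.append(f"sender domain {sender_domain} imitates a trusted domain")
    for phrase in URGENCY_PHRASES:
        if phrase in body_text.lower():
            warnings.append(f"urgency phrase: {phrase!r}")
    for visible, url in links:
        host = domain_of(url)  # what "hover to uncover" would reveal
        if host != sender_domain and not host.endswith("." + sender_domain):
            warnings.append(f"link goes to {host}, not the sender's {sender_domain}")
        shown = re.search(r"[\w.-]+\.[a-z]{2,}", visible.lower())
        if shown and shown.group(0) != host and not host.endswith("." + shown.group(0)):
            warnings.append(f"link text shows {shown.group(0)} but opens {host}")
    return warnings


# Constructed sample emails: (sender, body text, links).
SAMPLE_PHISH = ("contact@supplier-express.com.au",
                "Immediate action required: your invoice is overdue.",
                [("www.supplier.com.au/invoice", "https://pay.supplier-express.com.au/login")])
SAMPLE_LEGIT = ("contact@supplier.com.au", "Your invoice is attached.",
                [("View invoice", "https://portal.supplier.com.au/invoices")])
```

A clean result only means none of these three checks fired, so the remaining tips still apply.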
Test your knowledge – Take the Phishing Quiz
Think you can spot a scam? Put your knowledge to the test with our 3-minute Phishing Quiz. Challenge your team and see who’s the cyber security champion in your business!
Take extra precautions and protect your business with Cyber Insurance
The reality is that cybercrime is on the rise, with the Australian Cyber Security Centre receiving a report every six minutes, and the average attack costing a business nearly $50k.
Phishing scams are getting smarter, so make sure your business is protected. It is not just about the right knowledge but also the right tools.
That’s why it’s important to have a safety net in place. In Australia, Capricorn offers Cyber Insurance through Capricorn Insurance Services, and in New Zealand, it is available through our insurance brokerage. Each service is designed to help your business recover quickly and reduce the financial and operational impact in case you’re targeted by cyber criminals.
What does Cyber Insurance cover?
- Phishing attacks and credential theft
- Denial of service and ransomware incidents
- Point of sale intrusions and crimeware
- Privacy errors and unauthorised data disclosure
- Cyber response costs, business losses, and third-party claims (including loss of profits, IT forensics, PR costs, defence costs, and virus extraction)
Don’t wait until it’s too late
At Capricorn, we’re here to help our Members stay safe on the road and online. Our team is here to help protect your business, this festive season and all year round.
For more information on how Cyber Insurance can help protect your business, contact your local Risk Account Manager, or simply call 1800 007 022 (AU) | 0800 555 303 (NZ) or email info@capricornrisk.com for assistance.
Cyber Insurance is subject to terms, conditions, and acceptance criteria. Please refer to the Product Disclosure Statement for full details.


