Phishing emails are getting more sophisticated and harder to spot. In a phishing attack, the cyber criminal will send fake emails purporting to be from a genuine sender such as your bank, a trusted retailer or provider. In these emails, which on the surface appear to be genuine, the sender will try to trick you into giving away sensitive information such as your login credentials or bank details. Typically they do this by including a link for you to click on, which you think is taking you somewhere genuine, only it isn’t. Once you realise you have either clicked on a compromised link, or given away sensitive data, it’s important to react quickly to minimise the impact.

Here we provide some simple tips to help you and your business survive a phishing attack.

Don’t panic. If you panic you are likely to make the situation worse. Perhaps by deleting information that will later prove useful in determining where the phishing attack came from or how far it went. Stay calm and follow the steps below to help minimise the impact.

Reset your password – even if you don’t think your password has been compromised, it is always a good idea to reset this as a first point of call. It may prevent cyber criminals from re-gaining entry to your device or network. Make sure you use a secure password that is not used for anything else and uses the right combination of words, letters, numbers or symbols as set by your IT department or provider.
Notify the people that matter – depending on the size of your business you may have an internal IT department, or external provider that needs to be notified of any attack. The sooner you can do this, the better it will be in terms of preventing the attackers from getting further into your network to compromise more sensitive data. If you think that clients data, in particular personal data, has been compromised you need to notify the ICO within 72 hours of the breach taking place in order to meet UK GDPR requirements. The information you will need to give them will include when the breach took place, the number of personal data records concerned, a description of the consequences and an outline of the measures you have taken. This will help to mitigate the impact.
Run malware scans – this will help to assess the scale of the damage and whether any malware has been installed on your computer. You should notify your IT provider or department about the results of any scans you run. This will make sure they are kept up-to-date about the extent of the attack.
Keep a lookout for anything suspicious – if the data you have revealed is financial in nature, be wary of any payments that don’t make sense or any signs of identity theft. Maintaining a higher level of vigilance in the aftermath of a phishing attack might help you to stop cyber criminals in their tracks.

Minimise your future risk of phishing attacks

You can’t expect everyone within your organisation to able to identify and report suspicious emails, nor can you reprimand those who click on a link in what seemed to be a genuine email since attacks becoming more sophisticated. What is helpful, however, is to keep on educating employees about the latest phishing attacks and the signs to look out for.



This will include asking the following questions:

Does the logo and design look the same as the ones you are used to seeing from that organisation or are they larger/poor in quality?

Is the email addressed to you by name or does the greeting start with ‘hello friend/valued customer’ because the sender does not know you?

Is the spelling and grammar the level you would expect from a professional organisation? Poor quality content could indicate the email is not from the said source.

Does the email ask you to act urgently, such as within 24 hours? Or is there a link to click if you have been a victim? Beware as wording such as this can be a sign of a phishing email.

Does it sound too good to be true? Then it probably is. Genuine organisations will not want you to give any money or gain access to secret information.

At Matrix IT we offer a range of cyber security services to protect you and your business from cyber threats such as phishing emails. If you want more tips on how to survive a phishing attack, our teams can provide this for you as part of our suite of cyber security services, click here to get in touch and find out more.

Anthony Knight

15:57 07 Oct 21

MATRIX were the Business IT Company of choice for the Forgotten Veterans UK (FVUK) charity for a network and equipment upgrade and change of operating system provider. A challenging project that required high quality work for an office IT installation in an historic monument. Excellent professional support was received throughout. It was an absolute pleasure to work with all aspects of their team that includes sales, accounts, field engineers and project management. The attached picture refers to a small part of the Project meetings (1), external network build (2) internal office build (3) and the completed project (4).

Robster Modriques

11:07 17 Sep 21

I have been a fan of Matrix for some time and have recently been onboarded as a client. Really pleased to report that the real client experience does not disappoint. I am very happy to recommend these guys.

Laurence Smith

10:56 16 Sep 21

In working with Matrix to upgrade out IT systems at the charity we have always found them to be responsive & supportive as well as a company you can trust.

Chloe Nicklin

12:35 16 Jul 19

Helpful and very friendly staff. Able to resolve IT issues fast and makes the process simple!

John Bland

07:55 16 Nov 18

Fantastic service and a great team. We have recently changed I.T. providers to Matrix and wish we had done so years ago.Our last provider left a lot to be desired. However we were reticent to change as I was of the opinion we were so embedded with our last providers, a change would be fraught with difficulties.I need not have worried and am so happy that we are now with Matrix.Well done matrix!John BlandTecsew Ltd.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How to survive a phishing attack

Here we provide some simple tips to help you and your business survive a phishing attack.

Minimise your future risk of phishing attacks

The Critical Role of Dark Web Monitoring

How to setup a secure password

Huntress Quarterly SMB Threat Report

Most Common Email Scams

How to get the most out of Teams

Phishing Strategy – How to minimise phishing attacks

Most Common Internet Scams

Here we provide some simple tips to help you and your business survive a phishing attack.

Minimise your future risk of phishing attacks

RELATED STORIES