Phishing scam, also known as fishing, is a type of cyberattack or scam on email that aims to trick you into revealing your personal information, such as credit card numbers, bank details, or login credentials, on fake websites that appear to be legitimate.
The attackers use various tactics, such as email or social media messages, to lure you into providing sensitive information. Falling for a phishing scam can result in financial loss and identity theft, so it’s important to be cautious and verify the authenticity of any website or message that requests your personal information.
Example of tender scam:
The Western Cape Government state that a request for quotation (RFQ) is sent to a business by con artists scam organization pretending to be from the government department, with fraudulent contact details, requesting an instant supply of goods. Later on, the company is informed that it has won the tender. The goods are then delivered to either someone pretending to be an official or a fake location, without the department being aware of the transaction. As a result, the company never receives payment for the goods and suffers a loss.
News24 state that A company in South Africa was scammed through four fraudulent tenders, resulting in the loss of a significant amount of money. The company believed the tenders were authentic and conducted legitimate business.
How to Spot fake email:
- Generic greetings – When an organization reaches out to you via email, the tender email must be personalized and address you by your full name. If the email begins with a generic greeting such as “Dear Sir or Madam,” it may be a scam that the email is not from a legitimate source.
- Incorrect grammar and misspellings – Check for spellings because often fake emails have misspellings. Usually, professional companies and organizations have a team of editors and writers to ensure that their customers receive high-quality and professional content. If you receive an email that has obvious spelling or grammatical errors, it could be a scam. Such errors could be intentional to avoid filters that prevent such attacks.
- A desperate call for action – Beware of emails that demands an urgent action such as clicking, calling, or opening attachments. This common phishing tactic creates a sense of urgency and possibly threaten consequences if you don’t act such as legal action or financial losses to prevent you from acting.
- Check the domain name of email – If the domain name doesn’t lead you to landing page of the website homepage, then it is fake.
Below is an example of a fake tender email, claiming to be from the department of correctional services of South Africa, sent by Carol Mbatha.
Search for domain name:
Results:
This domain name does not have a website and it is not the Department of Correctional Services of South Africa. The actual website of the department of Correctional Services is http://www.dcs.gov.za/
What we TNG Solutions do to prevent this phishing attack:
If you’re concerned about the security of your organization’s data and want to take proactive measures to protect against phishing attacks, then you should consider boosting your business’s security with TNG Solutions, a trusted Microsoft reseller partner. TNG Solutions offers advanced threat protection, real-time defence against malicious links and attachments, and automated investigation and response capabilities through Microsoft 365. Don’t leave your business’s security to chance.
Read more on how your organisation can benefit from Microsoft 365
Don’t wait until it’s too late, act now to protect your organization’s sensitive data with TNG Solutions. Book a Free Consultation now.
