According to the McKinsey Analysis, the average professional spends 28% of the work day reading and answering emails. For the average full-time employee, that amounts to 2.6 hours spent, and 120 messages received per day. Now, compound these normal business-related emails with employees receiving personal alerts from their child’s school warning them that someone in their child’s classroom has been exposed to COVID-19. Or, maybe an employee is studying for class and is using their personal email to exchange messages with their instructor. All of these email activities have risks associated with them: email schemes.
It’s important we discuss security awareness and provide training to employees on detecting and reporting schemes. All too often we hear stories where individuals click emails as soon as they receive them (without studying the sender’s address, or looking for odd characteristics – misspellings, etc.). A common example is an email with an urgent subject line appears in the employee’s inbox to say there’s an urgent message, asking them to click on a link within the email body. In a split second, the employee will either quickly realize it’s a scheme and report to their IT representative, or they unfortunately click on the link — not knowing they’ve just exposed the company to a possible scheme. Unfortunately, some individuals may delay reporting the activities to their IT representative for fear of embarrassment. This only compounds the problem.
If you suspect or feel you’ve been a victim of an email schemes, please report it immediately.