Email phishing

This type of attack is generally received via emails that appear to come from a legitimate organisation, for instance, a bank or one of your clients or suppliers. The emails contain a link to a fake website that replicates a real one. The victim is then encouraged to input sensitive information, such as passwords. Typically, poor phishing attacks have bad spelling or grammar within the email. For those that look more professional, the only real giveaway is the fact the email asks the victim to click on a link.

SMS phishing (smishing)

Smishing involves sending fraudulent link via text message to a mobile phone. This can be very effective as staff are generally more likely to click on text message links. There may also be fewer clues to look for in a short text.

Voice phishing (vishing)

Here, the victim receives a phone call from someone claiming to be from a legitimate organisation, eg a bank's fraud unit.  The caller may know the victim's name and account number, often asking for the head of the finance or head cashier by name. The caller display can even show the correct bank phone number if the fraudster has created a false number. The caller will warn about possible suspicious activity on the bank account and might even be able to give genuine details of recent transactions. The fraudster will then claim that the account has been frozen due to suspect transactions but that payments can be made with their assistance. The victim is then persuaded to either provide details of passwords and account details or transfer a sum of money directly to the fraudster to overcome the problem. Sometimes the fraudster will keep the phone line open and advise the victim to call their bank, remaining on the line without the victims knowledge during the call. 

Social engineering

Humans can be the weakest link in cybersecurity, and attackers use freely available information to pick out who is likely to be vulnerable. Information from social media, such as Twitter, Facebook and LinkedIn, can be very useful as people often discuss events and changes in their work and public life. The telephone is the most common form of social engineering. Attackers often use social engineering techniques, such as pretending to be IT support staff, to con users into giving away their passwords and the using those to access the system.

Email spoofing

The email of a firm's senior leader is often readily available on the internet. A common cyber-fraud involves sending a email to the firm's accounts team, from the CEO or senior partner, requesting an urgent and immediate payment to a new account. The email address replicates that of the CEO, resulting in more junior staff feeling obliged to make the payment quickly and without question.

Invoice hijacking

This scam involves a fraudster intercepting correspondence between two parties who have an existing contractual relationship. The fraudster then invoices the target for services that have actually been rendered. Typically, the client receives an email asking for funds to be transferred to a separate account, perhaps "due to a limit being reached". The fraudster provides details of a new account to which the client sends the funds. This fraud will often rely on email correspondence being hacked, leading to disputes as to who was at fault. Invoice hijacking inevitably damages client relations and may cause reputational harm.

Malicious software (malware)

This is any piece of software that is specifically designed to disrupt or damage a computer system. It carries out a hidden function on the target system for an attacker and comes in different forms, such as ransomware, Trojans etc. Commonly installed alongside quasi-legitimate software, malware can also be disseminated via email attachments, web browsing and file sharing. Once malware is on the system, it can be difficult to detect and remove.


This is a type of malware that infects a computer or network, blocking the victim from some or all of a system/data. A sum of money may be paid to the criminals, who then send the victim instructions on how to unlock the data.


A virus is malware that, when executed, reproduces itself (copying its own source code), infecting other computer programs by modifying them.


A Trojan is designed to damage, disrupt, steal or inflict some other harmful action on your data or network. A Trojan acts like a genuine application or file to trick you. It seeks to deceive you into loading and executing the malware on your device. Once installed, a Trojan can perform the intended damage.


This malware exploits vulnerabilities in frequently visited websites. The websites are hacked and then used to deliver malicious software to website visitors through adverts and downloads.

Website and network hacking

Hacking involves someone trying to remotely access a business or personal IT system, using variety of widely available tools and known vulnerabilities. Hackers target online services and IT systems to steal, corrupt or destroy information.

Distributed denial of service (DDoS)

DDoS involves either interrupting or shutting down a target IT system by flooding  it with requests, for instance, external emails. The target system is unable to respond effectively to the high volume of traffic and slows or shuts down. A DDoS attack commonly targets large services, such as email and websites, which has a follow-on effect on smaller entities.