Don’t Open that Email Attachment!

Part 2: 5 phishing tactics threatening UK businesses

Malicious email attachment
Train your staff to recognise dangerous email attachments

In the first of our series of blog posts we gave an example of CEO Fraud. In this second blog we’re focussing on emails containing malicious attachments.

We’ve all experienced arriving home from work to be greeted by a ‘We failed to deliver your parcel’ card on the doormat. The anxiety of losing that precious package typically has us rushing to the parcel depot at the first opportunity.

In February this year, email scammers exploited the same emotional drivers in an email to FedEx customers. The email claimed that a courier had attempted a delivery but no one was at home to sign for it. The recipients were advised to print a receipt and take it to the nearest FedEx office within 48 hours.  The urgency around the request was a typical tactic, giving people less time to question its validity.

In doing so, many of the recipients unwittingly downloaded a malware application designed to corrupt computers and endpoints.

It’s a scam that has been running for years, and those behind it are doing so with increasing levels of authenticity and sophistication.


Want to check how good your organisation’s security is? Click here.

Fake email showing a print receipt button

Of course such phishing attempts don’t just fall under the guise of couriers. Scammers try all kinds of tricks to entice people into installing malware disguised as harmless looking documents.

Often the attachments install ransomware, which we’ll feature in a subsequent post.

Another example is the bogus job application, which can easily fool company employees. Apparent job seekers request managers and HR executives to open CVs or covering letters. The consequences to business can be both costly and embarrassing.

Email from a fake job applicant showing a CV attachment

How to stop your staff downloading malicious attachments

  • Provide regular awareness training
  • Simulate a targeted phishing attack with PhishAware
  • Use the results to understand which departments and locations within your business are most at risk.

Learn more about PhishAware

Receive the full infographic of the 5 hot trends in phishing tactics here:

Send me the Infographic


Want to know more? Get in touch with one of our experts today