Skip to main content

Solutions for
Solutions by Industry


Our Story
Talk to a CIO

How to spot a scam: Email Phishing

Welcome to our new series!

Here at Island, we’ve noticed an uptick in support calls related to internet scams. While the problem of cybercrime is complex, prevention can be fairly straightforward. Taking a few minutes to freshen up on what to look out for is a great way to protect your business. That’s why we’ve put together this short series of emails. Each one will give you a quick overview of what to watch out for. This week we’ll look at Email Phishing scams.

How common are phishing emails?

“An estimated 3.4 billion emails a day are sent by cyber criminals, designed to look like they come from trusted senders.”

— StationX 2024 Phishing Report

Phishing emails are one of the most common ways to initiate a cyber attack. Not only that, but a 2023 report from Comcast found that as many as 2-in-3 malware attacks start with a phishing attempt. While a lot of these get captured by our spam filters, many don’t. We need to stay on alert as it often only takes one wrong click to download dangerous malware.

What to look out for?

Most of us have been warned not to respond to any “foreign prince” promising us his inheritance over email. Many other common scams are just as cliché and easy to spot. Yet, like we said in the beginning, we’ve been seeing an increase in successful phishing attempts. We believe this is due to advances in spammers’ ability to put together more believable scams.

Taken from the Federal Trade Commission’s research on phishing scams, here are the most common scenarios posed by scammers:

  • They’ve noticed some suspicious activity or log-in attempts
  • They say there’s a problem with your account or your payment information
  • They need to confirm some personal or financial information
  • The email includes an invoice you don’t recognize
  • The email directs you to click on a link to make a payment
  • They say you’re eligible to register for a government refund
  • The email contains an offer or coupon for free stuff 

Of course, in the case of a scam, none of these scenarios are true, but many of these could seem legitimate at first glance. In order to determine if the email is legitimate or not, here are some examples to keep in mind:

Tip: Before you click a link, hover your cursor over it. Doing that will reveal the destination URL, as you see in the picture. If the destination seems strange or inappropriate, don’t click it.

Tip: pay attention to the sender’s email. Check for spelling errors and swapped letters, and if the email is from the correct domain (e.g., Amazon would not send an email from an account, etc).

Tip: Watch out for phony attachments like the one pictured above. Disguised as an invoice, the file likely contains malware.

Photos courtesy of The University of Memphis

Ultimately, listen to your intuition. If something feels off, investigate further before clicking any links or calling any numbers in the email.

How to keep your business safe:

Here are the steps we suggest you take to protect your business from scammers

  1. Do not click any links or call any numbers provided in the email. If you are unsure about the legitimacy of the email, go to the official website of whatever institution and call/email them directly.
  2. Forward any suspicious email to and we will assess the legitimacy of the email and suggest next steps. This is a complementary service we offer to all of our clients. 
  3. Schedule regular backups for all of your data. Scammers cannot ransom your data if you have it all safely backed up.
  4. Use a reliable Email Service Provider with robust Spam Filtering software. If you’d like recommendations on which services to use for your business, you may reach out to us at

We hope this has been a helpful article for you, and we encourage you to share it with your team as a quick refresher. Next week we will be talking about a more personalized and harder to spot type of internet scam called “Spear Phishing”.

Back to Latest Posts