Safeguard Your Inbox. How to Spot and Avoid Phishing Scams?

7 minute read

Be aware of potential threats linked to phishing emails and malicious links or attachments that could compromise your email account as part of our continued commitment to maintaining the utmost security and protection of your accounts and data.

We must all practise caution and vigilance while handling emails, especially those that appear to be from external sources, as cyber risks continue to change. Because cybercriminals are continually coming up with advanced ways to trick the unwary, it is essential that we cooperate in order to keep one step ahead of them.

Here are some essential tips to help you identify and avoid potentially harmful emails:

1. Verify the Sender: Always double-check the sender's email address before opening any email. Legitimate emails from Office 365 or our company will have official domain names, and we will never ask you to provide personal information via email.

2. Look for Red Flags: Pay attention to the content of the email. Phishing emails often contain urgent or alarming messages, requests for sensitive information, or grammatical errors. If something seems suspicious, don't hesitate to reach out to our IT support team for assistance.

3. Be Cautious with Links and Attachments: Avoid clicking on links or downloading attachments from unknown sources. Hover your cursor over links to see the actual destination URL before clicking. If you are unsure about a link or attachment's authenticity, consult our IT experts immediately.

4. Report Suspected Phishing: If you receive an email that you suspect might be a phishing attempt, report it to our IT department immediately. This will help us take prompt action to secure our network and prevent others from falling victim to the same threat.

5. Use Multi-Factor Authentication (MFA): Enable MFA for your Office 365 account to add an extra layer of security. MFA requires a second form of verification, such as a unique code sent to your phone, when logging in from a new device or location.

6. Regularly Update Passwords: Ensure that you use strong, unique passwords for your accounts and update them regularly. Avoid using the same password for multiple services.

7. Stay Informed: Be aware of the latest cybersecurity threats and stay informed about best practices for online safety. Our IT team regularly sends out updates and informative materials to keep you informed.

As a security benefit, we have this set up for a number of customers. If this is something that you would like, then please let us know. We would also suggest having an Admin account for your Office 365 so we can help secure your IT systems as and when needed.



Your security is our top priority, and by staying alert and informed, we can collectively safeguard our organizations data and maintain a secure environment for all.

In February 2024, email providers including Yahoo and Google will also be sending emails to Junk if they are not ready with the changes to DMARC, DKIM and SPF. All safeguards to move phishing emails into Junk so they are less "in your face" and more for the junk pile. These emails are used to help with fraudulant activity. Any measures we can implement to stop this will help us all long term.

Is your business ready for the change? It's worth checking as it could be a purchase, quote, new business opportunities that could go a miss.

You will need to make a few updates with your DNS Hosting Provider to properly authorise your IT systems to deliver your emails.

What is DKIM?
DKIM (DomainKeys Identified Mail) is an email security standard designed to ensure that emails aren't altered in transit between the sending and recipient servers.

CNAME record should read:
Host: bit._domainkey.yourdomain.com
Points to: bit._domainkey.birakit.com

What is DMARC?
DMARC (Domain-based Message Authentication, Reporting & Conformance) makes it easier for Internet Service Providers (ISPs) to prevent malicious email practices, such as domain spoofing.

If your configuration already has a value for _dmarc.yourdomain.com (where “yourdomain.com” represents your specific domain name), no additional changes are necessary.

If this value does not exist, create a new record of type TXT with the following values (replace “yourdomain.com” with your specific domain name):
Name: _dmarc.yourdomain.com
Contents: v=DMARC1; p=none;

What is SPF?
Email providers will look for a Sender Policy Framework (SPF Record) to verify that the email they are receiving is an email sent by the actual sender and not a forgery sent by a spammer.

SPF record should read: v=spf1 include:existing.birakit.com include:_spf.yourdomain.com ~all

If you would like help with Phishing emails please speak to a member of our team on 01489 290 001. You can also drop us an email.

This post was brought to you by Baldeep on 10 Aug 2023.

Small businesses are often left behind by IT companies as the aim is to work with the larger businesses. Baldeep started the company knowing that IT doesn't have to be your frustration. Provide great solutions at small business budgets is helping companies in Hampshire to focus on their goals without the burden of IT overheads or downtime.

Baldeep continued developing his skillset and has multiple accreditations to his name including his degree, Microsoft Certifications, ITIL and VMware Data Center Virtualization Certification. He is always learning to move IT forward for your business.

Thank you for reading this blog! If you enjoyed it please do RATE this article and click SHARE to share it with your network

Book Your Business IT Audit Here

Want to keep your IT on track? With the Birak Bulletin gain access to case studies, video guides and news digests to help you gain 10 minutes a day. Claim the offer here

Recent blog posts

Here are some recent posts from the team. If you have a post you would like added, please drop us an email.

The Top Reasons to Upgrade from Windows 10: A Comprehensive Guide

This system blocks nasty virus and cleans IT systems

How to use Windows 11